by vicarius
log in join community
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

by @the0z1
by @the0z1
23 Jul 2024
#cve_analysis

Write a blog analysis for a CVE

publish

MonikerLink critical vulnerability in MS Outlook (CVE-2024-21413)

CVEs

CVE-2024-21413
9.8 Critical Severity

Apps

Office
OfficeMicrosoft
16.0.17726.20160.*
16.0.17328.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.5435.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.5422.*
OLT
Office Long Term Servicing ChannelMicrosoft
2024.*
2021.*
365 Apps
365 AppsMicrosoft
2401.17231.20236.*
116.0.17231.20194.*
16.0.17425.20070.*
16.0.17328.20184.*
16.0.17328.20162.*
16.0.17328.20068.*
16.0.17231.20236.*
16.0.17231.20194.*
16.0.17126.20132.*
16.0.16924.20106.*

PoC video

Summary

A vulnerability has been discovered in Microsoft Outlook known as "MonikerLink," which allows an attacker to obtain NTLM hashes and execute arbitrary remote code on a victim machine by exploiting some specially crafted hyperlinks within an email to bypass the protected view of Outlook.

Description

Tags

#Office#NTLM#CVE-2024-21413#Outlook#remote-code-execution

@the0z1

2 posts

Total vcoins

2.1K

Comments (0)