CVE-2023-23397

Microsoft Outlook Elevation of Privilege Vulnerability

CVSS 9.8 CRITICAL | EPSS 97.4% | KEV | CWE-20

In short

Microsoft Outlook contains a flaw that allows attackers to gain administrative privileges on a computer by sending specially crafted email messages. This is critical because an attacker can take full control of the system without requiring the user to click suspicious links or perform special actions.

Technical detail

An improper input validation vulnerability (CWE-20) in Microsoft Outlook allows remote code execution and privilege escalation through maliciously crafted email messages. The attack vector is network-based; an unauthenticated attacker can trigger the vulnerability by sending a specially formatted email that exploits inadequate validation of message content, resulting in arbitrary code execution with elevated privileges.

Summary generated and translated by AI from the official description.
Microsoft Outlook Elevation of Privilege Vulnerability
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
