1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Microsoft Outlook Improper Input Validation Vulnerability

Known Exploited Vulnerabilities CVE-2024-21413

Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2024-21413 Microsoft Outlook Improper Input Validation Vulnerability exploitation_technique T1566.002 Spearphishing Link
Comments
Attackers can send a specially crafted email that uses the file:// protocol to reference a server that they own, ending the file:// link with an exclamation mark to bypass Outlook's security features, leading to remote code execution.
References
  1. https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
CVE-2024-21413 Microsoft Outlook Improper Input Validation Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
Attackers can send a specially crafted email that uses the file:// protocol to reference a server that they own, ending the file:// link with an exclamation mark to bypass Outlook's security features, leading to remote code execution.
References
  1. https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability