Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass Office Protected View, so that a file opens in editing mode rather than protected mode.

| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2024-21413 | Microsoft Outlook Improper Input Validation Vulnerability | exploitation_technique | T1566.002 | Spearphishing Link | Comments: Attackers can send a specially crafted email that uses the file:// protocol to reference a server that they own, ending the file:// link with an exclamation mark to bypass Outlook's security features, leading to remote code execution. |
| CVE-2024-21413 | Microsoft Outlook Improper Input Validation Vulnerability | primary_impact | T1059 | Command and Scripting Interpreter | Comments: Attackers can send a specially crafted email that uses the file:// protocol to reference a server that they own, ending the file:// link with an exclamation mark to bypass Outlook's security features, leading to remote code execution. |