Skip to content
/ CVE-2024-21413 Public

CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC

License

MIT license
9 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ThemeHackers/CVE-2024-21413

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
template
template
 
 
CVE-2024-21413.py
CVE-2024-21413.py
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
config.ini
config.ini
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

CVE-2024-21413 - Critical Remote Code Execution Vulnerability in Microsoft Outlook

Setup

  • You can change smtp and password and copy the command into Terminal to use CVE-2024-21413-PoC.py

Linux & Ubuntu & ParrotOS & ALL Base on Linux

export [email protected]
export SENDER_PASSWORD=pnsbkvkxwfgwjueu

Windows

$env:SENDER_EMAIL = "[email protected]"
$env:SENDER_PASSWORD = "pnsbkvkxwfgwjueu"

Overview

CVE-2024-21413 is a critical remote code execution (RCE) vulnerability affecting Microsoft Outlook. This zero-day vulnerability, also known as the "MonikerLink" bug, allows attackers to execute arbitrary code on a victim's machine without any user interaction. The vulnerability is triggered by maliciously crafted email messages that exploit specific types of hyperlinks within Outlook, leading to severe consequences such as system compromise, data exfiltration, or the installation of malware.

Affected Versions

The vulnerability affects various versions of Microsoft Outlook, including but not limited to:

  • Microsoft Office 2016
  • Microsoft Office 2019
  • Microsoft Office 2021
  • Microsoft 365 Apps

These versions are affected across both 32-bit and 64-bit editions.

Attack Vector

The MonikerLink bug is particularly dangerous because it bypasses the Office Protected View feature, which is designed to open potentially unsafe files in a read-only, sandboxed environment. By exploiting this vulnerability, attackers can bypass these security mechanisms and gain unauthorized access to sensitive information or take control of the victim's system.

Impact

Successful exploitation of CVE-2024-21413 can result in:

  • Remote code execution
  • Data exfiltration
  • Data encryption
  • Credential harvesting
  • Installation of malware

Given the severity of this vulnerability, it is crucial that affected systems be patched immediately to prevent potential exploitation.

Mitigation

To protect against this vulnerability, it is strongly recommended that users and organizations:

  • Apply the latest security updates provided by Microsoft.
  • Ensure that Outlook and all related Office applications are updated to the latest versions.

For further details and updates, refer to the following sources:

License

This document is licensed under the MIT License.

About

CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulnerability PoC

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

9 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 2

v0.1.1 Latest
Oct 24, 2024
+ 1 release

Packages

No packages published

Languages