Lucene search

Kaspersky LabKLA65510

HistoryApr 09, 2024 - 12:00 a.m.

KLA65510 Multiple vulnerabilities in Microsoft Outlook

2024-04-0900:00:00

Kaspersky Lab

threats.kaspersky.com

microsoft outlook

spoofing vulnerability

windows.

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

A spoofing vulnerability was found in Microsoft Outlook. Malicious users can exploit this vulnerability to spoof user interface.

Original advisories

CVE-2024-20670

Related products

Microsoft-Outlook

Microsoft-Windows

CVE list

CVE-2024-20670 high

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

Outlook for Windows

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20670

statistics.securelist.com/

threats.kaspersky.com/en/product/Microsoft-Outlook/

threats.kaspersky.com/en/product/Microsoft-Windows/

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

Related for KLA65510