May 9, 2023 update: Releases for Microsoft Products has been updated with the release of CVE-2023-29324 - Security Update Guide - Microsoft - Windows MSHTML Platform Security Feature Bypass Vulnerability March 24, 2023 update: Impact Assessment has been updated to a link to Guidance for investigating attacks using CVE-2023-23397 - Microsoft Security Blog.

securelist 3

msrc 1

thn 17

mscve 3

mskb 19

prion 2

cve 2

attackerkb 1

openvas 6

githubexploit 22

talosblog 5

mssecure 1

mmpc 1

nessus 13

trendmicroblog 1

cisa_kev 1

krebs 3

malwarebytes 2

trellix 4

avleonov 1

kaspersky 3

qualysblog 4

rapid7blog 3

securelist

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

2023-07-19 12:00:41

IT threat evolution Q3 2023

2023-12-01 10:00:09

IT threat evolution in Q1 2023. Non-mobile statistics

2023-06-07 08:00:18

msrc

Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

2023-03-14 13:00:00

thn

Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft

2023-05-10 14:23:00

Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits

2023-12-18 15:43:00

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

2023-05-01 08:52:00

mscve

Windows MSHTML Platform Security Feature Bypass Vulnerability

2023-05-09 07:00:00

Microsoft Outlook Elevation of Privilege Vulnerability

2023-03-14 07:00:00

Microsoft Exchange Server Elevation of Privilege Vulnerability

2024-02-13 08:00:00

mskb

KB5026366: Cumulative security update for Internet Explorer: May 9, 2023

2023-05-09 07:00:00

Description of the security update for Outlook 2013: March 14, 2023 (KB5002265)

2023-03-14 07:00:00

Description of the security update for Outlook 2016: March 14, 2023 (KB5002254)

2023-03-14 07:00:00

prion

Security feature bypass

2023-05-09 18:15:00

Privilege escalation

2023-03-14 17:15:00

cve

CVE-2023-29324

2023-05-09 18:15:13

CVE-2023-23397

2023-03-14 17:15:13

attackerkb

CVE-2023-23397

2023-03-14 00:00:00

openvas

Microsoft Outlook 2013 Service Pack 1 Elevation of Privilege Vulnerability (KB5002265)

2023-03-15 00:00:00

Microsoft Outlook 2016 Elevation of Privilege Vulnerability (KB5002254)

2023-03-15 00:00:00

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2023)

2023-03-15 00:00:00

githubexploit

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-15 17:03:38

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-18 21:44:46

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-22 11:00:47

talosblog

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

2023-03-15 23:46:33

Threat Source newsletter (March 23, 2023) — Meta is threatening to ban news sharing in Canada. Good.

2023-03-23 18:00:16

Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine

2023-03-16 18:00:15

mssecure

Guidance for investigating attacks using CVE-2023-23397

2023-03-24 18:30:00

mmpc

Guidance for investigating attacks using CVE-2023-23397

2023-03-24 18:30:00

nessus

Security Updates for Outlook (March 2023)

2023-03-14 00:00:00

Security Updates for Outlook C2R Elevation of Privilege (March 2023)

2023-03-16 00:00:00

KB5026427: Windows Server 2008 Security Update (May 2023)

2023-05-09 00:00:00

trendmicroblog

Patch CVE-2023-23397 Immediately: What You Need To Know and Do

2023-03-21 00:00:00

cisa_kev

Microsoft Office Outlook Privilege Escalation Vulnerability

2023-03-14 00:00:00

krebs

Microsoft Patch Tuesday, March 2023 Edition

2023-03-15 15:19:32

Microsoft Patch Tuesday, December 2023 Edition

2023-12-12 22:21:00

Fat Patch Tuesday, February 2024 Edition

2024-02-13 22:28:48

malwarebytes

How Outlook notification sounds can lead to zero-click exploits

2023-12-21 21:28:01

Update now! Microsoft fixes two zero-day bugs

2023-03-15 01:00:00

trellix

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

2023-03-17 00:00:00

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

2023-03-17 00:00:00

The Bug Report - March 2023 Edition

2023-04-05 00:00:00

avleonov

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

2023-03-27 00:25:37

kaspersky

KLA48560 Multiple vulnerabilities in Microsoft Office

2023-03-14 00:00:00

KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)

2023-05-09 00:00:00

KLA49154 Multiple vulnerabilities in Microsoft Windows

2023-05-09 00:00:00

qualysblog

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

2023-09-26 13:04:00

2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is

2023-12-19 15:00:00

Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review

2023-05-09 21:24:08

rapid7blog

Patch Tuesday - May 2023

2023-05-09 20:02:02

Patch Tuesday - September 2023

2023-09-12 22:55:55

Patch Tuesday - March 2023

2023-03-14 23:46:44

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.939 High

EPSS

Percentile

98.7%

JSON

Related for MSRC:ECCF20342A68B0A97947F52977641AAD