We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale.

talosblog 4

thn 17

githubexploit 22

mscve 3

attackerkb 1

mskb 2

openvas 3

mssecure 1

mmpc 1

prion 1

nessus 2

cve 1

cisa_kev 1

msrc 2

securelist 3

krebs 3

malwarebytes 2

trellix 4

kaspersky 1

qualysblog 3

avleonov 1

rapid7blog 2

talosblog

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

2023-03-15 23:46:33

Threat Source newsletter (March 23, 2023) — Meta is threatening to ban news sharing in Canada. Good.

2023-03-23 18:00:16

Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine

2023-03-16 18:00:15

thn

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

2023-05-01 08:52:00

APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme

2024-03-18 05:59:00

CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK

2023-12-29 10:41:00

githubexploit

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-16 19:10:37

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-20 17:45:37

Exploit for Authentication Bypass by Capture-replay in Microsoft

2023-03-17 03:38:50

mscve

Microsoft Outlook Elevation of Privilege Vulnerability

2023-03-14 07:00:00

Windows MSHTML Platform Security Feature Bypass Vulnerability

2023-05-09 07:00:00

Microsoft Exchange Server Elevation of Privilege Vulnerability

2024-02-13 08:00:00

attackerkb

CVE-2023-23397

2023-03-14 00:00:00

mskb

Description of the security update for Outlook 2013: March 14, 2023 (KB5002265)

2023-03-14 07:00:00

Description of the security update for Outlook 2016: March 14, 2023 (KB5002254)

2023-03-14 07:00:00

openvas

Microsoft Outlook 2013 Service Pack 1 Elevation of Privilege Vulnerability (KB5002265)

2023-03-15 00:00:00

Microsoft Outlook 2016 Elevation of Privilege Vulnerability (KB5002254)

2023-03-15 00:00:00

Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Mar 2023)

2023-03-15 00:00:00

mssecure

Guidance for investigating attacks using CVE-2023-23397

2023-03-24 18:30:00

mmpc

Guidance for investigating attacks using CVE-2023-23397

2023-03-24 18:30:00

prion

Privilege escalation

2023-03-14 17:15:00

nessus

Security Updates for Outlook (March 2023)

2023-03-14 00:00:00

Security Updates for Outlook C2R Elevation of Privilege (March 2023)

2023-03-16 00:00:00

cve

CVE-2023-23397

2023-03-14 17:15:13

cisa_kev

Microsoft Office Outlook Privilege Escalation Vulnerability

2023-03-14 00:00:00

msrc

Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

2023-03-14 13:00:00

Microsoft Mitigates Outlook Elevation of Privilege Vulnerability

2023-03-14 13:00:00

securelist

Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability

2023-07-19 12:00:41

IT threat evolution Q3 2023

2023-12-01 10:00:09

IT threat evolution in Q1 2023. Non-mobile statistics

2023-06-07 08:00:18

krebs

Microsoft Patch Tuesday, March 2023 Edition

2023-03-15 15:19:32

Microsoft Patch Tuesday, December 2023 Edition

2023-12-12 22:21:00

Fat Patch Tuesday, February 2024 Edition

2024-02-13 22:28:48

malwarebytes

How Outlook notification sounds can lead to zero-click exploits

2023-12-21 21:28:01

Update now! Microsoft fixes two zero-day bugs

2023-03-15 01:00:00

trellix

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

2023-03-17 00:00:00

CVE-2023-23397: The Notification Sound You Don’t Want to Hear

2023-03-17 00:00:00

The Bug Report - March 2023 Edition

2023-04-05 00:00:00

kaspersky

KLA48560 Multiple vulnerabilities in Microsoft Office

2023-03-14 00:00:00

qualysblog

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

2023-09-26 13:04:00

2023 Threat Landscape Year in Review: If Everything Is Critical, Nothing Is

2023-12-19 15:00:00

The March 2023 Patch Tuesday Security Update Review

2023-03-15 00:08:07

avleonov

Microsoft Patch Tuesday March 2023: Outlook EoP, MOTW Bypass, Excel DoS, HTTP/3 RCE, ICMP RCE, RPC RCE

2023-03-27 00:25:37

rapid7blog

Patch Tuesday - September 2023

2023-09-12 22:55:55

Patch Tuesday - March 2023

2023-03-14 23:46:44

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.958 High

EPSS

Percentile

99.1%

JSON

Related for TRENDMICROBLOG:A4C1C14C94E1DED6C844FB6F662F672B