Outlook Information Disclosure Vulnerability
CVE-2023-35636
Key Information:
- Vendor
- Microsoft
- Status
- Vendor
- CVE Published:
- 12 December 2023
Badges
What is CVE-2023-35636?
CVE-2023-35636 is an information disclosure vulnerability found in Microsoft Outlook, a widely used email and personal information management application. This vulnerability allows unauthorized access to sensitive information within the application, which could negatively impact organizations by exposing critical data to malicious actors. As a result, the integrity and confidentiality of organizational communications and data may be compromised, increasing the risk of data breaches and reputational damage.
Technical Details
This vulnerability pertains specifically to Microsoft Outlook's handling of certain types of information. Exploitation occurs due to flaws in the way the application processes and discloses sensitive data. Attackers capable of successfully exploiting this vulnerability may gain access to data that should remain confidential, which can lead to further exploitation and unauthorized actions within the affected systems. Microsoft has acknowledged the risk associated with this flaw and has included it in their security updates.
Potential impact of CVE-2023-35636
-
Data Breaches: Exploiting this vulnerability could lead to unauthorized access to sensitive communications, potentially resulting in data breaches that expose confidential organizational information to external threats.
-
Regulatory Compliance Risks: Organizations may face legal and financial repercussions if exposed information violates data protection regulations, leading to penalties and loss of trust from customers and stakeholders.
-
Increased Target for Ransomware Attacks: The exposure of critical data could make organizations more susceptible to ransomware attacks, as threat actors might leverage the gained information to orchestrate more sophisticated attacks against the infrastructure.
Affected Version(s)
Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1
Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5426.1000
Microsoft Office 2019 32-bit Systems 19.0.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
Help Net SecurityCVE-2023-35636Attackers can steal NTLM password hashes via calendar invites - Help Net Security
A Microsoft Outlook flaw may allow attackers to steal users' NTLM v2 hashes by adding two headers to an email carrying a calendar invite.
1 year ago
New NTLM Hash Leak Attacks Target Outlook, Windows Programs
Data security firm Varonis has disclosed a new vulnerability and three attack methods for obtaining NTLM v2 hashes by targeting Microsoft Outlook and two Windows programs.Β The new vulnerability is tracked as...
1 year ago
GBHackers on SecurityCVE-2023-35636New Outlook Flaw Let Attackers Access Hashed Passwords
A new Outlook vulnerability that can be used to extract NTLMv2 hashes by exploiting Outlook, Windows Performance Analyzer (WPA), and Windows File Explorer has been identified.
1 year ago
References
CVSS V3.1
Timeline
- π‘
Public PoC available
- π
Vulnerability started trending
- π°
Used in Ransomware
- πΎ
Exploit known to exist
- π°
First article discovered by LinkedIn
Vulnerability published
Vulnerability Reserved