Remote Code Execution Vulnerability in Microsoft Outlook
CVE-2024-38021

8.8HIGH

Key Information:

Vendor
Microsoft
Status
Microsoft Office 2019
Microsoft 365 Apps For Enterprise
Microsoft Office Ltsc 2021
Microsoft Office 2016
Vendor
CVE Published:
9 July 2024

Badges

๐Ÿ“ˆ Trended๐Ÿ“ˆ Score: 3,770๐Ÿ‘พ Exploit Exists๐ŸŸฃ EPSS 19%๐Ÿ“ฐ News Worthy

What is CVE-2024-38021?

CVE-2024-38021 is a remote code execution vulnerability affecting Microsoft Outlook, a widely used email client essential for communication and productivity in many organizations. This vulnerability allows attackers to execute arbitrary code on a user's system by leveraging malicious emails or attachments. The potential negative impact on an organization includes unauthorized access to sensitive data, the compromise of internal systems, and the disruption of business operations. Given Outlook's role in enterprise environments, this flaw presents a serious risk that could be exploited by threat actors.

Technical Details

CVE-2024-38021 manifests as a weakness within Microsoft Outlook that can be exploited through crafted email content. When a user interacts with such content, the vulnerability allows for the execution of malicious code, which could be used to take control of the affected system. The vulnerability is classified under remote code execution vulnerabilities, which inherently hold a high level of risk due to the potential for attackers to execute code without user consent. Microsoft has acknowledged the issue and is likely working on a resolution to mitigate the risks associated with this vulnerability.

Impact of the Vulnerability

  1. Unauthorized Access: Attackers can gain unauthorized access to sensitive organizational data, potentially leading to data breaches and leakage of confidential information.

  2. System Compromise: The vulnerability can facilitate the full compromise of the affected systems, allowing adversaries to manipulate system resources, install malware, or create backdoor access for future attacks.

  3. Business Disruption: Exploitation could lead to significant operational disruption within the organization, affecting productivity and the integrity of communications, which may result in reputation damage and financial losses.

Affected Version(s)

Microsoft 365 Apps for Enterprise 32-bit Systems 16.0.1

Microsoft Office 2016 32-bit Systems 16.0.0 < 16.0.5456.1000

Microsoft Office 2019 32-bit Systems 19.0.0

News Articles

favicon imageMorphisec

Technical Analysis: CVE-2024-38021

In this blog Morphisec researchers provide technical analysis of CVE-2024-38021, a vulnerability impacting Microsoft Outlook.

favicon imageCybersecurityNews

Outlook Zero-click RCE Vulnerability Technical Details Released

The attack involves passing a composite moniker in an image tag URL. This bypasses the security measures implemented in the hyperlink creation function, leading to potential remote code execution and local NTLM credential leaks.

favicon imageMorphisec

Technical Analysis: CVE-2024-38021

In this blog Morphisec researchers provide technical analysis of CVE-2024-38021, a vulnerability impacting Microsoft Outlook.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

19% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • ๐Ÿ“ˆ

    Vulnerability started trending

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by Morphisec

  • Vulnerability published

.