Library Injection Vulnerability in Microsoft Outlook for macOS
CVE-2024-42220

7.1HIGH

Key Information:

Vendor: Microsoft
Vendor: CVE Published:; 18 December 2024

Summary

CVE-2024-42220 is a high-risk library injection vulnerability identified in Microsoft Outlook version 16.83.3 for macOS. This vulnerability allows attackers to leverage the software's access privileges through specially crafted libraries. When a malicious application injects such a library, it can exploit the permissions of the vulnerable Outlook application, leading to unauthorized access and potential data compromise. Users of Microsoft Outlook on macOS should take immediate action to mitigate this risk by applying necessary software updates and monitoring for any unusual activity.

References

https://talosintelligence.com/vulnerability_reports/TALOS...

https://www.talosintelligence.com/vulnerability_reports/T...

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 18, 2024

Collectors

NVD Database