Microsoft Outlook Spoofing Vulnerability in Microsoft Products
CVE-2025-21259

5.3MEDIUM

Key Information:

Vendor: Microsoft
Status: Microsoft Outlook For Android
Vendor: CVE Published:; 11 February 2025

Summary

The Microsoft Outlook spoofing vulnerability allows attackers to craft deceptive emails that appear to be from legitimate sources, potentially compromising user trust and leading to unauthorized access or data leakage. This vulnerability can be exploited to manipulate email headers, making it difficult for recipients to discern the true origin of an email. It is crucial for organizations utilizing Microsoft Outlook products to implement security measures and updates to mitigate risks associated with this vulnerability.

Affected Version(s)

Microsoft Outlook for Android Unknown 1.0 < 4.2501.1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 11, 2025
Vulnerability Reserved
Dec 10, 2024