- Description
- Microsoft Outlook Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft Outlook Improper Input Validation Vulnerability
- Exploit added on
- Feb 6, 2025
- Exploit action due
- Feb 27, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-20
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
CVE-2024-21413 | Microsoft Outlook Remote Code Execution https://t.co/KdcRILuLOB
@Domenech97
26 Mar 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Day 92 of #100DaysOfCybersecurity @jay_hunts @segoslavia Explored the Moniker Link room on TryHackMe and learned about CVE-2024-21413, an Outlook vulnerability allowing NTLM hash leaks & RCE via malicious links. Tested it using Responder & a Python script with smtplib.
@Babatunde739
17 Mar 2025
84 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Moniker link vulnerability with the assigned CVE of CVE-2024-21413 the way of attacking vulnerabiliry https://t.co/tC0BE1x4yD
@akdknfndekdkkdn
15 Mar 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Is your organization using Outlook? Is it up to date? It is a good practice to always use the latest versions of the apps. If not, be sure to always download security updates. There are versions of Outlook that are vulnerable to Moniker Link (CVE-2024-21413).
@blue_squ1rrel
13 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Vulnerability #CVE202421413 CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/9nSJAXD4kr
@Komodosec
9 Mar 2025
94 Impressions
1 Retweet
1 Like
2 Bookmarks
0 Replies
0 Quotes
Microsoft Outlook の脆弱性 CVE-2024-21413:積極的な悪用と CISA KEV 登録 https://t.co/N7XOQHd9UD Microsoft Outlook の RCE 脆弱性 CVE-2024-21413 が、CISA KEV に登録されました。この脆弱性は、すでに PoC… https://t.co/dQKhhqsiSi
@iototsecnews
17 Feb 2025
43 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Die US-Sicherheitsbehörde #CISA warnt vor einer akuten Bedrohung: Eine kritische Sicherheitslücke in #Microsoft #Outlook (CVE-2024-21413) wird derzeit aktiv von Cyberkriminellen ausgenutzt. https://t.co/XBhJ4aMuW8
@it__security
14 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical #Microsoft Outlook Vulnerability (#CVE-2024-21413) Actively Exploited in Attacks – CISA Warns https://t.co/1aF3goF4H4
@UndercodeUpdate
14 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA has warned U.S. federal agencies about active exploitation of a critical Microsoft Outlook Remote Code Execution (RCE) vulnerability (CVE-2024-21413). . Discovered by Check Point, the flaw allows attackers to bypass Outlook’s Protected View. . #CyberSecurity https://t.co/dLq
@AvmConsulting
14 Feb 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsoft Outlookの保護ビュー機能を回避するの重大なRCE脆弱性「CVE-2024-21413」がCISA脆弱性カタログに追加されました。この脆弱性は2024年2月に修正プログラムが公開されていますが、いまだに未パッチのシステムが多く存在するため、攻撃のリスクが高まっています。 https://t.co/IIhLKUPb2U https://t.co/fSCgYh5oAU
@t_nihonmatsu
12 Feb 2025
237 Impressions
0 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
Microsoft Outlook(マイクロソフト アウトルック)で重大な脆弱性(CVE-2024-21413)が発生しています。ゼロデイ攻撃に悪用される可能性が高いので対象者はアップデートして対応する事をお勧めします。 #セキュリティ #セキュリティ対策Lab https://t.co/jUywpmWaA8
@securityLab_jp
11 Feb 2025
37 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Microsoft Outlookの重大なリモートコード実行バグが悪用!CISAはMicrosoft Outlookの重大なリモートコード実行脆弱性を狙った進行中の攻撃からシステムを保護するよう警告した。CVE-2024-21413として追跡されているこの欠陥は、脆弱なバージョンの Outlook… https://t.co/h180DjzhLa
@gotopcj
11 Feb 2025
458 Impressions
3 Retweets
18 Likes
2 Bookmarks
1 Reply
0 Quotes
🚨 Critical RCE vulnerability in Microsoft Outlook! CVE-2024-21413 is being actively exploited, allowing remote code execution via malicious emails. Even opening the preview pane can trigger an attack! 🔒 Update NOW with Microsoft's February 2024 security patch! #CyberSecurity…
@shinO7_O7
11 Feb 2025
276 Impressions
5 Retweets
33 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Critical Outlook RCE Bug Exploited! 🚨 Hackers are actively targeting CVE-2024-21413, allowing remote code execution via malicious emails! Update your systems now to stay protected. 🔗 Read more: https://t.co/Yr7xzaVoc4 #microsoft #CyberSecurity #hackers #RCE #email https:/
@GeekFeedNet
9 Feb 2025
60 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
【緊急警告】マイクロソフトOutlookの重大な脆弱性、今すぐ対策を! CISAが警告するMicrosoft Outlookの重大な脆弱性(CVE-2024-21413)について解説 【緊急警告】マイクロソフトOutlookの重大な脆弱性、今すぐ対策を! - サイバーセキュリティナビ https://t.co/bntzJ3b7QB
@jp_cb_security
9 Feb 2025
98 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
آسیب پذیری CVE-2024-21413 در Microsoft Outlook مورد سوءاستفاده قرار گرفت #Cyber_Security_News #اخبار_امنیت_سایبری #CVE_2024_21413 #Microsoft_Outlook https://t.co/2DROsQSDo0
@vulnerbyte
9 Feb 2025
46 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2025-23369 2 - CVE-2025-23419 3 - CVE-2025-21298 4 - CVE-2024-21413 5 - CVE-2013-2678 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
9 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
GitHub - xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability: Microsoft-Outlook-Remote-Code-Execution-Vulnerability https://t.co/Bly2AJTQ0h
@N0tus3rF0und
9 Feb 2025
26 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 CVE-2024-21413: Vulnerabilidad crítica en Outlook permite ejecución remota de código https://t.co/F4GNtNHQNp
@tpx_Security
8 Feb 2025
183 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
آسیب پذیری جدیدی با کد شناسایی CVE-2024-21413 برای برنامه outlook منتشر شده است. هکرها با ارسال یک لینک در ایمیل برای قربانیان و در نهایت کلیک کردن این لینک توسط قربانی زمانی که ایمیل را با برنامه outlook باز نموده اند ، به سیستم قربانی دسترسی می گیرند. https://t.co/Poz3aKY03t ht
@AmirHossein_sec
8 Feb 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of a critical RCE vulnerability (CVE-2024-21413) in Microsoft Outlook, allowing attackers to bypass Protected View and execute code via malicious email links. Stay vigilant. https://t.co/7OYof7tO7R
@Teemu_Tiainen
8 Feb 2025
69 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Microsft Outlookの脆弱性 CVE-2024-21413 は悪意のあるリンクを含むメールから保護ビューを回避しOfficeファイルを編集モードで開くことでコード実行可能とのこと。また、プレビューでも悪用の可能性あり。 https://t.co/c4s3EjJbHo
@ntsuji
8 Feb 2025
3956 Impressions
6 Retweets
36 Likes
8 Bookmarks
1 Reply
1 Quote
🚨Alert🚨 CVE-2024-21413 (CVSS 9.8) : Microsoft Outlook RCE Vulnerability 🔥PoC:https://t.co/SxTcZTI6mE 📊 1.1M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/D4e39xFq6L 👇Query HUNTER : https://t.co/q9rtuGfZuz="Outlook Web App" FOFA :… http
@HunterMapping
8 Feb 2025
4196 Impressions
42 Retweets
97 Likes
41 Bookmarks
0 Replies
1 Quote
Microsoft Outlook Under Attack CVE-2024-21413, a critical Remote Code Execution (RCE) flaw, is being actively exploited! Hackers use malicious Office docs to bypass Protected View, steal NTLM credentials & run arbitrary code. Outlook 2016, Office 2019, LTSC 2021, Microsoft 3
@dCypherIO
7 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA warns of a critical Microsoft Outlook vulnerability (CVE-2024-21413) under active exploitation. Users must update systems to stay safe. #CyberSecurity #DataProtection 🐱 Sources: forbes https://t.co/mrKOYy1h34
@CuriousCatsAI
7 Feb 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 ¡Alerta de Seguridad! 🚨 CISA advierte sobre una vulnerabilidad crítica (CVE-2024-21413) en Microsoft Outlook, utilizada activamente para ataques de ejecución remota de código. ⚠️ https://t.co/g60cRvx9JO
@esconsulting__
7 Feb 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/VG5QbA7YQz
@Dinosn
7 Feb 2025
5865 Impressions
31 Retweets
120 Likes
38 Bookmarks
1 Reply
0 Quotes
🚨 Critical #Outlook Vulnerability (CVE-2024-21413) Under Active Exploitation! #Attackers are exploiting a flaw in Microsoft Outlook that bypasses Protected View using a malicious file:// link. This tricks #Outlook into opening files in editing mode, enabling remote code… https:
@Cloud_Breach
7 Feb 2025
254 Impressions
2 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/mlPlGUiUJS
@samilaiho
7 Feb 2025
2038 Impressions
5 Retweets
18 Likes
10 Bookmarks
1 Reply
0 Quotes
CVE-2024-21413 (CVSS 9.8): Critical #Outlook Flaw Under Active Attack, PoC Available CISA has issued a warning, mandating U.S. federal agencies to patch their systems against this actively exploited vulnerability https://t.co/W3yDDparZr
@the_yellow_fall
7 Feb 2025
521 Impressions
3 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
🚨 CVE Alert: Microsoft Outlook Remote Code Execution Vulnerability Exploited In The Wild🚨 Vulnerability Details: CVE-2024-21413 (CVSS 9.8/10) Microsoft Outlook Remote Code Execution Vulnerability Impact: A Successful exploit may allow a remote attacker to execute malicious… h
@CyberxtronTech
7 Feb 2025
107 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 URGENT: A critical Microsoft Outlook vulnerability (CVE-2024-21413) is under active exploitation! Hackers can steal credentials & execute #malware. Patch NOW! #CyberSecurity #CISAAlert #microsoft #outlook #cve202421413 #Canada #CanadaCyberAwareness https://t.co/T2dhNW22l
@FindSecCyber
7 Feb 2025
75 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Microsoft Outlook Vulnerability (CVE-2024-21413) Actively Exploited in Attacks – CISA Warns | Read: https://t.co/VbYhIWX5AD https://t.co/1HO1wghIkQ
@imNaviya
7 Feb 2025
74 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CISA adds 5 new exploits including CVE-2024-21413 / Outlook input validation exploit on the know expliot list https://t.co/OGYXPi8sKb
@TRX7800X
7 Feb 2025
78 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2024-21413 is a vulnerability that keeps on giving, brought to you by @HaifeiLi. https://t.co/5KHFrni5Cr
@gothburz
6 Feb 2025
2164 Impressions
7 Retweets
23 Likes
7 Bookmarks
0 Replies
0 Quotes
米国サイバーセキュリティ・社会基盤安全保障庁(CISA)が既知の悪用された脆弱性カタログに5件を追加。 - 7-ZipのCVE-2025-0411 - Dante DiscoveryのCVE-2022-23748 - OutlookのCVE-2024-21413 - CyberoamOSのCVE-2020-29574 - Sophos XG FirewallのCVE-2020-15069 https://t.co/0sYTd2KRAC https://t.co/aOFyydVO9D
@__kokumoto
6 Feb 2025
1953 Impressions
4 Retweets
27 Likes
8 Bookmarks
1 Reply
2 Quotes
🚨 Warning from CISA: A critical vulnerability (CVE-2024-21413) in Microsoft Outlook is being exploited, allowing attackers to execute code via manipulated email links. U.S. federal agencies must secure networks by Feb 27, 2024. 🛡️ #MicrosoftOutlook #US … https://t.co/zy34Gat054
@TweetThreatNews
6 Feb 2025
83 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
YouTube video for TryHackMe room Moniker Link (CVE-2024-21413) Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. Link on first comments:⤵️⤵️⤵️⤵️🦜🦜🦜 https://t.co/XNJ6JcuhCe https://t.co/KySiYT4hVk
@DjalilAyed
26 Jan 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#day68 Just wrapped up a deep dive into the moniker link vulnerability (CVE-2024-21413) on TryHackMe. It was an awesome experience to learn about exploitation, remediation, and detection techniques. Excited to keep honing my cybersecurity skills! #cybersecurity #Tryhackme https
@Rahmat2283
7 Nov 2024
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Completed the Moniker Link (CVE-2024-21413) room on TryHackMe, enhancing my skills in vulnerability exploitation. @RealTryHackMe #TryHackMe #CVE2024 https://t.co/VHRESQsQje https://t.co/QvVRQvZoAe
@anish_op_007
7 Nov 2024
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔔CVE-2024-21413: El 13 de febrero de 2024, Microsoft notificó sobre una vulnerabilidad en su aplicación Outlook. Está considerada como crítica (9,8). Os contamos cuáles son las versiones afectadas en el siguiente enlace: ➡️https://t.co/nE1rVjURtZ 💻 https://t.co/kPhRu12I52
@fluproject
26 Oct 2024
154 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Day 4 of my 30-day TryHackMe challenge -Completed the Exploitation Basics module -Exploited a real-world vulnerability with CVE-2024-21413 -Got hands-on with Metasploit and Meterpreter for post-exploitation -Finished with a CTF lab in the Blue room, hacking a Windows machine htt
@trickysali
25 Oct 2024
95 Impressions
0 Retweets
5 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2016:*:-:*:-:*:-:*",
"vulnerable": true,
"matchCriteriaId": "DC9D0A78-9F16-41E0-910E-E93269DB9B30"
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD"
}
],
"operator": "OR"
}
]
}
]