COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2024-21413

CVE-2024-21413

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-02-06
Reference
https://nvd.nist.gov/vuln/detail/CVE-2024-21413
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.

Players implicated

Microsoft · vendorOffice Outlook · product

Description

Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.