CVE-2024-21413
Microsoft Outlook Improper Input Validation Vulnerability
CVSS
—
Sin CVSS
EPSS
94.7%
p100
KEV
SÍ
6 feb 2025
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
Microsoft / Office Outlook
Vulnerabilidad
Microsoft Outlook Improper Input Validation Vulnerability
Añadido a KEV
6 feb 2025
Remediar antes de
27 feb 2025
Uso conocido en ransomware
No
Descripción resumida
Microsoft Outlook contains an improper input validation vulnerability that allows for remote code execution. Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 ; https://nvd.nist.gov/vuln/detail/CVE-2024-21413
Sin CVEs relacionados por CWE o producto.