Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
Posted on
March 16, 2023
Service Bulletin
Please share the following with your technical teams.
Information Security has noticed a recent Microsoft Outlook zero-day vulnerability exploited in the wild (CVE-2023-23397) which allows remote attackers to steal hashed passwords.
Severity level
CVSS Score: 9.8/ Critical
Description
An attacker who successfully exploited this vulnerability could access a user's Net-NTLMv2 hash which could be used as a basis of an NTLM Relay attack against another service to authenticate as the user. No user interaction is needed as exploitation occurs when Outlook is open and the reminder is triggered on the system.
Affected Versions All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook, including Android, iOS, Mac, and Outlook on the web, as well as other M365 services, are not affected.
Impact
Attacker can use the hash to authenticate the user services.