ioc[.]one - OSINT Cyber Threat Intelligence Database

CVE-2023-23397: Microsoft Office Outlook Privilege Escalation Vulnerability

Tags

country:	Russia
attack-pattern:	Credentials - T1589.001 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	94aaedcb-8a5f-4033-a168-80ab5f97ed86
Fingerprint	ac196d347bfe8ce7
Analysis status	DONE
Considered CTI value	2
Text language
Published	March 18, 2023, 10 a.m.
Added to db	March 18, 2023, 11:53 a.m.
Last updated	Nov. 17, 2024, 11:40 p.m.
Headline	CVE-2023-23397: Microsoft Office Outlook Privilege Escalation Vulnerability
Title	CVE-2023-23397: Microsoft Office Outlook Privilege Escalation Vulnerability
Detected Hints/Tags/Attributes	47/2/21

Source URLs

	Redirection	Url
Details	Source	https://www.picussecurity.com/resource/blog/cve-2023-23397-microsoft-office-outlook-privilege-escalation-vulnerability

URL Provider

Details	Provider	Source level domain
Details	picussecurity.com	www.picussecurity.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	352	✔	Resources-2	https://www.picussecurity.com/resource/rss.xml	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	CVE	176	cve-2023-23397
Details	Domain	452	msrc.microsoft.com
Details	Domain	641	nvd.nist.gov
Details	Domain	3	practical365.com
Details	Domain	261	blog.talosintelligence.com
Details	Domain	1	cve-2023-23397.md
Details	Domain	4128	github.com
Details	Domain	4	microsoft.github.io
Details	Github username	48	microsoft
Details	sha1	5	a4c096e8b6e6eddeba2f42910f165681ed64adf7
Details	Threat Actor Identifier - APT	783	APT28
Details	Url	2	https://msrc.microsoft.com/update-guide/vulnerability/cve-2023-23397.
Details	Url	1	https://nvd.nist.gov/vuln/detail/cve-2023-23397.
Details	Url	1	https://practical365.com/cve-2023-23397-ntlm-vulnerability/.
Details	Url	1	https://blog.talosintelligence.com/outlook-privilege-escalation-vulnerability-cve-2023-23397/.
Details	Url	1	https://github.com/microsoft/css-exchange.
Details	Url	2	https://microsoft.github.io/css-exchange/security/cve-2023-23397/.
Details	Url	1	https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability/.
Details	Url	1	https://learn.microsoft.com/en-us/office/client-developer/outlook/mapi/pidlidreminderfileparameter-canonical-property
Details	Url	1	https://www.bigtechwire.com/2023/03/16/microsoft-patches-zero-day-flaw-in-outlook-exploited-by-russian-hackers/.
Details	Url	2	https://research.kudelskisecurity.com/2023/03/15/cve-2023-23397-microsoft-outlook-privilege-elevation-critical-vulnerability/.