AI description
CVE-2023-23397 is an elevation of privilege vulnerability affecting Microsoft Outlook for Windows. This flaw allows a threat actor to exploit the system by sending a specially crafted email, calendar invitation, or task item. The vulnerability is particularly notable because it requires no user interaction; the exploit can be triggered automatically when the malicious item is processed by the Outlook client, even before it is opened or previewed. The mechanism behind the vulnerability involves a custom Messaging Application Programming Interface (MAPI) property, specifically `PidLidReminderFileParameter`, within the malicious message. This property, intended for specifying a custom reminder sound file, is set to a Universal Naming Convention (UNC) path pointing to an attacker-controlled Server Message Block (SMB) server. When Outlook attempts to retrieve this "sound file," it inadvertently initiates an NTLM authentication session with the attacker's server, thereby leaking the victim's NTLM authentication hashes. These stolen hashes can then be used for NTLM relay attacks or offline password cracking.
- Description
- Microsoft Outlook Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Modified
- Products
- 365_apps, office, office_long_term_servicing_channel, outlook
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft Office Outlook Privilege Escalation Vulnerability
- Exploit added on
- Mar 14, 2023
- Exploit action due
- Apr 4, 2023
- Required action
- Apply updates per vendor instructions.
- Hype score
- Not currently trending
I just completed Outlook NTLM Leak room on TryHackMe! Leak password hashes from a user by sending them an email by abusing CVE-2023-23397. https://t.co/oHEuH8hWIA #tryhackme via @tryhackme
@acupunc28094787
3 May 2026
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Francia atribuye 12 ciberataques al GRU ruso (APT28/Fancy Bear): ministerios, defensa, aeroespacial y #ParísOlímpico. Vector: phishing + zero-day CVE-2023-23397. +4k ataques rusos en 2k4 (+15%). Fuente: @BleepingComputer En #Hackron conoce CERTS de Ref https://t.co/TpSApoC8km
@Hackr0n
1 May 2026
88 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Outlook NTLM Leak room on TryHackMe! Leak password hashes from a user by sending them an email by abusing CVE-2023-23397. https://t.co/kmWo05bQP9 #tryhackme via @tryhackme #tryhackme #Learning #Consistency
@LittleSun4lower
18 Apr 2026
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Outlook NTLM Leak room on TryHackMe! Leak password hashes from a user by sending them an email by abusing CVE-2023-23397. https://t.co/0d7jDjCcOo #tryhackme via @tryhackme
@ToTo13ru_xakep
10 Mar 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772496946305) 😃 I love digging into real‑world exploits
@audn_ai
3 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772496776735) 😃 I love digging into real‑world exploits
@audn_ai
3 Mar 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772494045965) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772486730705) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772486007470) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772480721335) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772475741115) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772474108245) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772471053940) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772470150115) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772469370115) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772469075130) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772468591595) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772467509435) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772467449445) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772467269785) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772467029840) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772466970825) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772466610095) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772466489835) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772459771170) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772453652550) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772453470060) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772452751045) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772451098660) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772448792955) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772448682280) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772447769985) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772447652270) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772446090235) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772444901835) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772443991780) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772443090995) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772442970985) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772442431370) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772442070525) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772441182090) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772440810315) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772440569975) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772440390025) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772440269895) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772440089710) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772439369415) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772439129750) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772438709515) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ PenTest tip: explore CVE-2023-23397 – Windows Print Spooler remote code execution vulnerability. Use it as a sandbox exercise to sharpen your exploit‑development skills. #PenTesting #CVE CVE-2023-23397 (ref:1772438658235) 😃 I love digging into real‑world exploits
@audn_ai
2 Mar 2026
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "8D513A61-6427-4F85-AADF-99D6F223AF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "DDA98A76-D0D1-4BFA-BEAC-1C2313F7B859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B1657C-0FF4-461A-BE2A-641275C4B0A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]