CVE-2024-21413

Published Feb 13, 2024

Last updated 3 months ago

Exploit knownCVSS critical 9.8
Microsoft Outlook

Overview

AI description

Automated description summarized from trusted sources.

CVE-2024-21413 is a critical remote code execution (RCE) vulnerability affecting Microsoft Outlook. It is classified as an "Improper Input Validation Vulnerability". The vulnerability arises from how Outlook processes certain URLs, especially those using the file:// protocol and crafted URL structures. This "MonikerLink" bug allows attackers to bypass the Office Protected View feature and execute arbitrary code on a victim's machine, potentially leading to system compromise, data exfiltration, or malware installation. This can be achieved by sending a malicious email, and in some cases, simply previewing the email is enough to trigger the exploit.

Description
Microsoft Outlook Remote Code Execution Vulnerability
Source
secure@microsoft.com
NVD status
Analyzed
Products
365_apps, office, office_long_term_servicing_channel

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Microsoft Outlook Improper Input Validation Vulnerability
Exploit added on
Feb 6, 2025
Exploit action due
Feb 27, 2025
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

secure@microsoft.com
CWE-20
nvd@nist.gov
NVD-CWE-noinfo

Social media

Hype score
Not currently trending

  1. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/SLAbNv0mjy #tryhackme via @realtryhackme

    @brain_codeur

    24 Aug 2025

    85 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/CccqFA86Pz #tryhackme via @realtryhackme

    @dskhaikh777

    24 Aug 2025

    93 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Day 14 of my #LearnInPublic #CyberSecurity journey TryHackMe – CVE-2024-21413: Bypassing Outlook’s Protected View Leaking credentials from Outlook Detection & mitigation Burp Suite: More PortSwigger labs HTTP request/response analysis https://t.co/zY4F7nSLUh

    @prxdhxman

    22 Aug 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/sTT92ZhXlE #tryhackme via @realtryhackme

    @fola790

    19 Aug 2025

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qILWfTMOTB #tryhackme via @realtryhackme

    @whatthecoconutt

    18 Aug 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VjH3ij8Czx #tryhackme via @realtryhackme

    @shawnmsoles

    16 Aug 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Just learnt about Moniker Link (CVE-2024-21413) that led to exposed user's credentials using CVE-2024-21413 to bypass Outlook's Protected View Remediations: * Do not click random links * Preview links before clicking them * Forward suspicious emails to the respective department

    @0x4d1ty4

    14 Aug 2025

    30 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  8. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. #CyberSecurity #InfoSec #PenTesting #TryHackMe #CyberSecurityJobs https://t.co/loqf4Pylmk #tryhackme via @realtryhackme

    @db_xix

    14 Aug 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/3L9UJxigsT #tryhackme via @realtryhackme Github repo: https://t.co/QbvnAC189o I was stuck. Thanks @TylerRamsbey day 27

    @thakreyrok

    11 Aug 2025

    3 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  10. I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qiuwIbABfT #tryhackme via @realtryhackme

    @0xSubrat

    9 Aug 2025

    60 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨 New Templates Bounty Issue 💰 CVE-2024-21413 - CVE-2024-21413 💰 👾 Issue: https://t.co/uDTFBrEWMD #bugbounty #NucleiTemplates #cve #opensource

    @pdnuclei

    2 Jul 2025

    1077 Impressions

    1 Retweet

    13 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  12. Finished a full walkthrough of the serious Moniker Link vulnerability (CVE-2024-21413), from how the attack works, to the coding behind it, and how to detect and defend against it. #tryhackme https://t.co/QTkkh4xxcS

    @szewailaw_lis

    1 Jul 2025

    394 Impressions

    0 Retweets

    30 Likes

    1 Bookmark

    2 Replies

    0 Quotes

  13. Monicker Link (CVE-2024-21413) -- Share your achievement https://t.co/kNBk0iFg9V #tryhackme via @realtryhackme

    @michaellearns_

    26 Jun 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. PoC of CVE-2024-21413 وحدة من ثغرات الـoutlook اللي من خلالها تقدر تسوي bypass للـsecurity mechanism للـoutlook عن طريق الـhyperlink بدل ما يكون الرابط كذا https://t.co/kkDEvtcKbH يصير يوصل الضحية

    @PTShatha511

    20 Jun 2025

    3519 Impressions

    1 Retweet

    53 Likes

    57 Bookmarks

    1 Reply

    0 Quotes

  15. 🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit: https://t.co/SbW4G81mO8 https://t.co/IW6zmnngRE

    @DarkWebInformer

    5 May 2025

    44523 Impressions

    187 Retweets

    962 Likes

    481 Bookmarks

    4 Replies

    5 Quotes

  16. 🎯Wrapped up Moniker Link on @TryHackMe! Mastered CVE-2024-21413 by exploiting Outlook’s Protected View to leak creds and learning how to stay secure.🧠 🙏Huge thanks to @allenharper for the opportunity! #OutlookExploit #ThreatHunting #RedTeam https://t.co/uhLbOPBpJk

    @707_Roi

    7 Apr 2025

    39 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. CVE-2024-21413 | Microsoft Outlook Remote Code Execution https://t.co/KdcRILuLOB

    @Domenech97

    26 Mar 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Day 92 of #100DaysOfCybersecurity @jay_hunts @segoslavia Explored the Moniker Link room on TryHackMe and learned about CVE-2024-21413, an Outlook vulnerability allowing NTLM hash leaks & RCE via malicious links. Tested it using Responder & a Python script with smtplib.

    @Babatunde739

    17 Mar 2025

    84 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Moniker link vulnerability with the assigned CVE of CVE-2024-21413 the way of attacking vulnerabiliry https://t.co/tC0BE1x4yD

    @akdknfndekdkkdn

    15 Mar 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Is your organization using Outlook? Is it up to date? It is a good practice to always use the latest versions of the apps. If not, be sure to always download security updates. There are versions of Outlook that are vulnerable to Moniker Link (CVE-2024-21413).

    @blue_squ1rrel

    13 Mar 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. #Vulnerability #CVE202421413 CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/9nSJAXD4kr

    @Komodosec

    9 Mar 2025

    94 Impressions

    1 Retweet

    1 Like

    2 Bookmarks

    0 Replies

    0 Quotes

  22. Microsoft Outlook の脆弱性 CVE-2024-21413:積極的な悪用と CISA KEV 登録 https://t.co/N7XOQHd9UD Microsoft Outlook の RCE 脆弱性 CVE-2024-21413 が、CISA KEV に登録されました。この脆弱性は、すでに PoC… https://t.co/dQKhhqsiSi

    @iototsecnews

    17 Feb 2025

    43 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Die US-Sicherheitsbehörde #CISA warnt vor einer akuten Bedrohung: Eine kritische Sicherheitslücke in #Microsoft #Outlook (CVE-2024-21413) wird derzeit aktiv von Cyberkriminellen ausgenutzt. https://t.co/XBhJ4aMuW8

    @it__security

    14 Feb 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. 🚨 Critical #Microsoft Outlook Vulnerability (#CVE-2024-21413) Actively Exploited in Attacks – CISA Warns https://t.co/1aF3goF4H4

    @UndercodeUpdate

    14 Feb 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. CISA has warned U.S. federal agencies about active exploitation of a critical Microsoft Outlook Remote Code Execution (RCE) vulnerability (CVE-2024-21413). . Discovered by Check Point, the flaw allows attackers to bypass Outlook’s Protected View. . #CyberSecurity https://t.co/dLq

    @AvmConsulting

    14 Feb 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Microsoft Outlookの保護ビュー機能を回避するの重大なRCE脆弱性「CVE-2024-21413」がCISA脆弱性カタログに追加されました。この脆弱性は2024年2月に修正プログラムが公開されていますが、いまだに未パッチのシステムが多く存在するため、攻撃のリスクが高まっています。 https://t.co/IIhLKUPb2U https://t.co/fSCgYh5oAU

    @t_nihonmatsu

    12 Feb 2025

    237 Impressions

    0 Retweets

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  27. Microsoft Outlook(マイクロソフト アウトルック)で重大な脆弱性(CVE-2024-21413)が発生しています。ゼロデイ攻撃に悪用される可能性が高いので対象者はアップデートして対応する事をお勧めします。 #セキュリティ #セキュリティ対策Lab https://t.co/jUywpmWaA8

    @securityLab_jp

    11 Feb 2025

    37 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Microsoft Outlookの重大なリモートコード実行バグが悪用!CISAはMicrosoft Outlookの重大なリモートコード実行脆弱性を狙った進行中の攻撃からシステムを保護するよう警告した。CVE-2024-21413として追跡されているこの欠陥は、脆弱なバージョンの Outlook… https://t.co/h180DjzhLa

    @gotopcj

    11 Feb 2025

    458 Impressions

    3 Retweets

    18 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  29. 🚨 Critical RCE vulnerability in Microsoft Outlook! CVE-2024-21413 is being actively exploited, allowing remote code execution via malicious emails. Even opening the preview pane can trigger an attack! 🔒 Update NOW with Microsoft's February 2024 security patch! #CyberSecurity…

    @shinO7_O7

    11 Feb 2025

    276 Impressions

    5 Retweets

    33 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  30. 🚨 Critical Outlook RCE Bug Exploited! 🚨 Hackers are actively targeting CVE-2024-21413, allowing remote code execution via malicious emails! Update your systems now to stay protected. 🔗 Read more: https://t.co/Yr7xzaVoc4 #microsoft #CyberSecurity #hackers #RCE #email https:/

    @GeekFeedNet

    9 Feb 2025

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 【緊急警告】マイクロソフトOutlookの重大な脆弱性、今すぐ対策を! CISAが警告するMicrosoft Outlookの重大な脆弱性(CVE-2024-21413)について解説 【緊急警告】マイクロソフトOutlookの重大な脆弱性、今すぐ対策を! - サイバーセキュリティナビ https://t.co/bntzJ3b7QB

    @jp_cb_security

    9 Feb 2025

    98 Impressions

    0 Retweets

    0 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  32. آسیب ‌پذیری CVE-2024-21413 در Microsoft Outlook مورد سوءاستفاده قرار گرفت #Cyber_Security_News #اخبار_امنیت_سایبری #CVE_2024_21413 #Microsoft_Outlook https://t.co/2DROsQSDo0

    @vulnerbyte

    9 Feb 2025

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Top 5 Trending CVEs: 1 - CVE-2025-23369 2 - CVE-2025-23419 3 - CVE-2025-21298 4 - CVE-2024-21413 5 - CVE-2013-2678 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    9 Feb 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. GitHub - xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability: Microsoft-Outlook-Remote-Code-Execution-Vulnerability https://t.co/Bly2AJTQ0h

    @N0tus3rF0und

    9 Feb 2025

    26 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  35. 🚨 CVE-2024-21413: Vulnerabilidad crítica en Outlook permite ejecución remota de código https://t.co/F4GNtNHQNp

    @tpx_Security

    8 Feb 2025

    183 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. آسیب پذیری جدیدی با کد شناسایی CVE-2024-21413 برای برنامه outlook منتشر شده است. هکرها با ارسال یک لینک در ایمیل برای قربانیان و در نهایت کلیک کردن این لینک توسط قربانی زمانی که ایمیل را با برنامه outlook باز نموده اند ، به سیستم قربانی دسترسی می گیرند. https://t.co/Poz3aKY03t ht

    @AmirHossein_sec

    8 Feb 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. CISA warns of a critical RCE vulnerability (CVE-2024-21413) in Microsoft Outlook, allowing attackers to bypass Protected View and execute code via malicious email links. Stay vigilant. https://t.co/7OYof7tO7R

    @Teemu_Tiainen

    8 Feb 2025

    69 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. Microsft Outlookの脆弱性 CVE-2024-21413 は悪意のあるリンクを含むメールから保護ビューを回避しOfficeファイルを編集モードで開くことでコード実行可能とのこと。また、プレビューでも悪用の可能性あり。 https://t.co/c4s3EjJbHo

    @ntsuji

    8 Feb 2025

    3956 Impressions

    6 Retweets

    36 Likes

    8 Bookmarks

    1 Reply

    1 Quote

  39. 🚨Alert🚨 CVE-2024-21413 (CVSS 9.8) : Microsoft Outlook RCE Vulnerability 🔥PoC:https://t.co/SxTcZTI6mE 📊 1.1M+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/D4e39xFq6L 👇Query HUNTER : https://t.co/q9rtuGfZuz="Outlook Web App" FOFA :… http

    @HunterMapping

    8 Feb 2025

    4196 Impressions

    42 Retweets

    97 Likes

    41 Bookmarks

    0 Replies

    1 Quote

  40. Microsoft Outlook Under Attack CVE-2024-21413, a critical Remote Code Execution (RCE) flaw, is being actively exploited! Hackers use malicious Office docs to bypass Protected View, steal NTLM credentials & run arbitrary code. Outlook 2016, Office 2019, LTSC 2021, Microsoft 3

    @dCypherIO

    7 Feb 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. CISA warns of a critical Microsoft Outlook vulnerability (CVE-2024-21413) under active exploitation. Users must update systems to stay safe. #CyberSecurity #DataProtection 🐱 Sources: forbes https://t.co/mrKOYy1h34

    @CuriousCatsAI

    7 Feb 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. 🚨 ¡Alerta de Seguridad! 🚨 CISA advierte sobre una vulnerabilidad crítica (CVE-2024-21413) en Microsoft Outlook, utilizada activamente para ataques de ejecución remota de código. ⚠️ https://t.co/g60cRvx9JO

    @esconsulting__

    7 Feb 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/VG5QbA7YQz

    @Dinosn

    7 Feb 2025

    5865 Impressions

    31 Retweets

    120 Likes

    38 Bookmarks

    1 Reply

    0 Quotes

  44. 🚨 Critical #Outlook Vulnerability (CVE-2024-21413) Under Active Exploitation! #Attackers are exploiting a flaw in Microsoft Outlook that bypasses Protected View using a malicious file:// link. This tricks #Outlook into opening files in editing mode, enabling remote code… https:

    @Cloud_Breach

    7 Feb 2025

    254 Impressions

    2 Retweets

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  45. CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/mlPlGUiUJS

    @samilaiho

    7 Feb 2025

    2038 Impressions

    5 Retweets

    18 Likes

    10 Bookmarks

    1 Reply

    0 Quotes

  46. CVE-2024-21413 (CVSS 9.8): Critical #Outlook Flaw Under Active Attack, PoC Available CISA has issued a warning, mandating U.S. federal agencies to patch their systems against this actively exploited vulnerability https://t.co/W3yDDparZr

    @the_yellow_fall

    7 Feb 2025

    521 Impressions

    3 Retweets

    6 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  47. 🚨 CVE Alert: Microsoft Outlook Remote Code Execution Vulnerability Exploited In The Wild🚨 Vulnerability Details: CVE-2024-21413 (CVSS 9.8/10) Microsoft Outlook Remote Code Execution Vulnerability Impact: A Successful exploit may allow a remote attacker to execute malicious… h

    @CyberxtronTech

    7 Feb 2025

    107 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 🚨 URGENT: A critical Microsoft Outlook vulnerability (CVE-2024-21413) is under active exploitation! Hackers can steal credentials & execute #malware. Patch NOW! #CyberSecurity #CISAAlert #microsoft #outlook #cve202421413 #Canada #CanadaCyberAwareness https://t.co/T2dhNW22l

    @FindSecCyber

    7 Feb 2025

    75 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  49. Critical Microsoft Outlook Vulnerability (CVE-2024-21413) Actively Exploited in Attacks – CISA Warns | Read: https://t.co/VbYhIWX5AD https://t.co/1HO1wghIkQ

    @imNaviya

    7 Feb 2025

    74 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. CISA adds 5 new exploits including CVE-2024-21413 / Outlook input validation exploit on the know expliot list https://t.co/OGYXPi8sKb

    @TRX7800X

    7 Feb 2025

    78 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.