CVE-2024-21413
Published Feb 13, 2024
Last updated 2 months ago
AI description
CVE-2024-21413 is a remote code execution (RCE) vulnerability affecting Microsoft Outlook. It stems from improper input validation when Outlook processes URLs, particularly those using the `file://` protocol and crafted URL structures. This vulnerability, also known as the "MonikerLink" bug, allows attackers to bypass security protections, such as the Office Protected View, and execute arbitrary code on a victim's machine by sending a malicious email. The vulnerability can be triggered even when previewing a maliciously crafted email. Successful exploitation could lead to remote code execution, theft of NTLM credentials, data exfiltration, data encryption, installation of malware, and potential full system compromise. It affects various versions of Microsoft Outlook, including Microsoft Office 2016, 2019, 2021, and Microsoft 365 Apps.
- Description
- Microsoft Outlook Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- 365_apps, office_2016, office_2019, office_long_term_servicing_channel
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft Outlook Improper Input Validation Vulnerability
- Exploit added on
- Feb 6, 2025
- Exploit action due
- Feb 27, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-20
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/lwvEaiiCj1 #tryhackme via @tryhackme
@VoiceJustdoit
15 Dec 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/ua61gJ8gHv #tryhackme via @tryhackme
@BroodaShah
12 Dec 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#RaiseTech #tryhackme 🌟2025.12.06(夜) 《THM》DAY12:Moniker Link (CVE-2024-21413):1時間 ✍感想 ・Outlookで、リンクをクリックしての脆弱性(PoC)について学びました。 ・定期的にアップデートを心掛ける。 ・Pythonは
@akky743793
6 Dec 2025
89 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
#100DaysOfCybersecurity Day 4/100: My Security + exam is next Monday! - Did 25 questions for my upcoming Security + exam from Dark Bird Tech Channel on Youtube - TryHackMe: Finished Moniker Link (CVE-2024-21413) room from CyberSecurity 101 path and AI in Security - old
@thecybernovice
4 Dec 2025
8 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/jxI0rtja03 #tryhackme via @tryhackme #CyberSecurity #tryhackme
@SALIMASSILI2006
3 Dec 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
برای outlook آسیب پذیری با کد شناسایی CVE-2024-21413 از نوع RCE منتشر شده است که به هکرها امکان اجرای کد روی سیستم آسیب پذیر از طریق دستکاری ایمیل را می دهد. این آسیب پذ
@AmirHossein_sec
2 Dec 2025
67 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Confirmado: PoC liberado + explotación activa del RCE en Outlook (CVE-2024-21413). Riesgo máximo: robo de NTLM y control total del sistema. Parchear es urgente. En LUER te ayudamos. #Ciberseguridad #Outlook #RCE https://t.co/qmsokZd4iQ
@Luer_CS
2 Dec 2025
81 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Ya existe un exploit público para un fallo crítico de Outlook Microsoft corrigió hace meses una vulnerabilidad muy grave en Outlook (CVE-2024-21413, severidad 9.8). Ahora apareció un PoC público: código que demuestra cómo explotarla. Cuando eso pasa otros actore
@CycuraMX
1 Dec 2025
8116 Impressions
39 Retweets
128 Likes
58 Bookmarks
2 Replies
0 Quotes
Outlookの遠隔コード実行脆弱性MonikerLink (CVE-2024-21413)に対応するPoC(攻撃の概念実証コード)が公表された。OulookのプレビューペインからゼロクリックでNTLMハッシュを抜ける。 https://t.co/gORtmBe6Bt
@__kokumoto
1 Dec 2025
1076 Impressions
2 Retweets
3 Likes
5 Bookmarks
0 Replies
0 Quotes
A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413. #cybersecurity https://t.co/yvuT426D1S
@dan_covic
1 Dec 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 PoC Exploit Released For Outlook 0-Click Remote Code Execution Vulnerability Source: https://t.co/zpeuGMQuHa A Proof-of-Concept (PoC) exploit code has been released for a critical remote code execution (RCE) vulnerability in Microsoft Outlook, identified as CVE-2024-21413
@The_Cyber_News
1 Dec 2025
30338 Impressions
129 Retweets
363 Likes
192 Bookmarks
6 Replies
0 Quotes
Outlookの深刻なRCE脆弱性を悪用するPoCが公開され、保護ビューをすり抜けてコード実行や認証情報漏えいを招く攻撃手法が明らかになった。クリックだけで被害に至る可能性があるため警戒が必要だ。 問題のC
@yousukezan
1 Dec 2025
10125 Impressions
29 Retweets
90 Likes
57 Bookmarks
0 Replies
5 Quotes
GitHub - mmathivanan17/CVE-2024-21413: Outlook exploitation https://t.co/rm5h2PquJ7
@akaclandestine
30 Nov 2025
1910 Impressions
8 Retweets
22 Likes
9 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/IBtyxaJ3ev #tryhackme via @tryhackme @ireteeh
@bajboybountyII
27 Nov 2025
84 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/buqo7zYsOU #tryhackme via @tryhackme
@AdamNugent28159
26 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I completed the Moniker Link (CVE-2024-21413) room on TryHackMe, where I learned how the vulnerability works, how it bypasses Outlook’s Protected View, and how it can be used to leak user credentials https://t.co/MY5MhXOGJt #tryhackme via @tryhackme
@omo_aremu_
26 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/jF4kHDHiVW #tryhackme via @tryhackme
@Ezekieluche_
25 Nov 2025
50 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/hqqd207JHR #tryhackme via @tryhackme
@Martinko228O
25 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/MKME4nuYNW #tryhackme @tryhackmeより
@GrapheneHackSec
25 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/QVMfDrtaeH #tryhackme via @tryhackme
@0xTreasureSec
23 Nov 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/1K9slMn9qQ #tryhackme via @tryhackme
@terrorCHrist
23 Nov 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/NH4KSXymnD #tryhackme via @tryhackme
@0xiv4n
16 Nov 2025
64 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#tryhackme「Moniker Link (CVE-2024-21413)」ルームをクリアしました! 簡単なHTMLリンクがどのようにしてOutlookの保護ビューを回避し、SMB経由でNTLMv2ハッシュを漏洩するのかを知ることができました。 https://t.co/bP0NO1YeMH
@vivi_cyber
16 Nov 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. It was really interesting to learn how a simple HTML hyperlink could bypass Outlook’s Protected View and leak NTLMv2 hashes through SMB. https://t.co/bP0NO1YeMH #tryhackme via @tryhackme #CybersecurityTraining
@vivi_cyber
16 Nov 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/HSvMnbjSiM #tryhackme عبر @tryhackme
@ChawiRajaa33737
14 Nov 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/coLALMH5WM #tryhackme via @tryhackme
@PixelMach1
12 Nov 2025
17 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/1HiDcIuIxO #tryhackme via @tryhackme #BarbosSecurity
@BarbosSecurity
10 Nov 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/3HfKWAFH5g #tryhackme via @tryhackme
@8ugst3r
10 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/m8IZpQmPOg #tryhackme via @tryhackme
@icantbenobody
9 Nov 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/myr0BJo6Ai #tryhackme via @tryhackme
@305_Rockett
9 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/eUQc480bHQ #tryhackme via @tryhackme
@sanjeevbadhan34
5 Nov 2025
50 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/FvwSZ7OVlI #tryhackme via @tryhackme
@__ART3MISS
3 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I started the Exploitation Basics module on @tryhackme and covered the Moniker Link (CVE-2024-21413) . Learnt how a specially formed email link can trick Outlook into leaking NTLM credentials. https://t.co/g4xRQdH0jT
@its_priscy28
2 Nov 2025
55 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/XvKRbJO0RU #tryhackme a través de @tryhackme
@l0ngh0
1 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/JmSP7nxpTk #tryhackme via @tryhackme
@Rishabh09joshi
27 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on @tryhackme. CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/ItPjsy6fpD #tryhackme via @tryhackme
@devnotindian
24 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wO4Ddd0FWb #tryhackme via @tryhackme https://t.co/YbFTlYiAmh
@intel_ears
23 Oct 2025
113 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VBzyL8Z9td #tryhackme @tryhackmeより
@memorinosub
23 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Analyzed CVE-2024-21413 (MonikerLink). A critical RCE in Outlook that bypasses security via crafted monikers to leak NTLM hashes. Understanding the exploit chain is key to defense.#CVE202421413 Share your achievement https://t.co/JdBdkteht6 #tryhackme via @realtryhackme
@AnmolLa98614976
12 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/xijTwoYmOG #tryhackme via @realtryhackme
@with_nomii
10 Oct 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/eNyhuCKyfD #tryhackme via @realtryhackme
@lguerramx
9 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/IiifJnlIFN #tryhackme via @realtryhackme
@jzcorpo
9 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/NDzzd789nq #tryhackme via @realtryhackme
@ch63179440
9 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/pELX6ugnGx #tryhackme via @realtryhackme
@kbadvani
6 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/v9pIZs4qrn #tryhackme @realtryhackmeより
@keiworks46
5 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Just finished the “Mon!ker Link (CVE-2024-21413)” room on Tryhackme. Here’s a quick breakdown of what MonikerLink is and why it matters https://t.co/nCAMJEUmZS
@Cyb3rOps_
2 Oct 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Day-29 #hackers @realtryhackme #monikerlink I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/dTFfDQbqe3 #tryhackme via @realtryhackme
@VikramJata5395
29 Sept 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/c94MEKSbbO #tryhackme via @realtryhackme
@UgwuanyiEmeka3
28 Sept 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "45A9ECE7-F173-47AB-A420-0B6F64A04D21"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "14D63E3F-A431-4DD8-979F-811E8DAC423D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD"
}
],
"operator": "OR"
}
]
}
]