CVE-2024-21413
Published Feb 13, 2024
Last updated 4 days ago
AI description
CVE-2024-21413 is a critical remote code execution (RCE) vulnerability affecting Microsoft Outlook. It is classified as an "Improper Input Validation Vulnerability". The vulnerability arises from how Outlook processes certain URLs, especially those using the file:// protocol and crafted URL structures. This "MonikerLink" bug allows attackers to bypass the Office Protected View feature and execute arbitrary code on a victim's machine, potentially leading to system compromise, data exfiltration, or malware installation. This can be achieved by sending a malicious email, and in some cases, simply previewing the email is enough to trigger the exploit.
- Description
- Microsoft Outlook Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- 365_apps, office_2016, office_2019, office_long_term_servicing_channel
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft Outlook Improper Input Validation Vulnerability
- Exploit added on
- Feb 6, 2025
- Exploit action due
- Feb 27, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-20
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/JmSP7nxpTk #tryhackme via @tryhackme
@Rishabh09joshi
27 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on @tryhackme. CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/ItPjsy6fpD #tryhackme via @tryhackme
@devnotindian
24 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wO4Ddd0FWb #tryhackme via @tryhackme https://t.co/YbFTlYiAmh
@intel_ears
23 Oct 2025
113 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VBzyL8Z9td #tryhackme @tryhackmeより
@memorinosub
23 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Analyzed CVE-2024-21413 (MonikerLink). A critical RCE in Outlook that bypasses security via crafted monikers to leak NTLM hashes. Understanding the exploit chain is key to defense.#CVE202421413 Share your achievement https://t.co/JdBdkteht6 #tryhackme via @realtryhackme
@AnmolLa98614976
12 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/xijTwoYmOG #tryhackme via @realtryhackme
@with_nomii
10 Oct 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/eNyhuCKyfD #tryhackme via @realtryhackme
@lguerramx
9 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/IiifJnlIFN #tryhackme via @realtryhackme
@jzcorpo
9 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/NDzzd789nq #tryhackme via @realtryhackme
@ch63179440
9 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/pELX6ugnGx #tryhackme via @realtryhackme
@kbadvani
6 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/v9pIZs4qrn #tryhackme @realtryhackmeより
@keiworks46
5 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Just finished the “Mon!ker Link (CVE-2024-21413)” room on Tryhackme. Here’s a quick breakdown of what MonikerLink is and why it matters https://t.co/nCAMJEUmZS
@Cyb3rOps_
2 Oct 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Day-29 #hackers @realtryhackme #monikerlink I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/dTFfDQbqe3 #tryhackme via @realtryhackme
@VikramJata5395
29 Sept 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/c94MEKSbbO #tryhackme via @realtryhackme
@UgwuanyiEmeka3
28 Sept 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/2aVuzFGDfT #tryhackme via @realtryhackme
@HuhHowAboutThis
24 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/Iv6HdXFfhu #tryhackme via @realtryhackme
@R3dF0x1c
23 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/v25ploq1mF #tryhackme via @realtryhackme
@monark0x
23 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wl8Ya1EwGE #tryhackme via @realtryhackme
@SAguirre79361
23 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/fT0WtIhcEI #tryhackme @realtryhackmeより
@Hakui_note
21 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/fECx3KnTOx #tryhackme via @realtryhackme
@MakInformatique
15 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wcZsPYO1CD #tryhackme via @realtryhackme
@StarkesWeb
14 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/49w4nwXQdb #tryhackme via @realtryhackme
@zeo_stunner
5 Sept 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/7KMAD3Ad1Q #tryhackme via @realtryhackme
@sanjeevbadhan34
31 Aug 2025
97 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/xpfxUWXuCX #tryhackme via @realtryhackme
@SecQuestNinja
27 Aug 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/SLAbNv0mjy #tryhackme via @realtryhackme
@brain_codeur
24 Aug 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/CccqFA86Pz #tryhackme via @realtryhackme
@dskhaikh777
24 Aug 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Day 14 of my #LearnInPublic #CyberSecurity journey TryHackMe – CVE-2024-21413: Bypassing Outlook’s Protected View Leaking credentials from Outlook Detection & mitigation Burp Suite: More PortSwigger labs HTTP request/response analysis https://t.co/zY4F7nSLUh
@prxdhxman
22 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/sTT92ZhXlE #tryhackme via @realtryhackme
@fola790
19 Aug 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qILWfTMOTB #tryhackme via @realtryhackme
@whatthecoconutt
18 Aug 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VjH3ij8Czx #tryhackme via @realtryhackme
@shawnmsoles
16 Aug 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Just learnt about Moniker Link (CVE-2024-21413) that led to exposed user's credentials using CVE-2024-21413 to bypass Outlook's Protected View Remediations: * Do not click random links * Preview links before clicking them * Forward suspicious emails to the respective department
@0x4d1ty4
14 Aug 2025
30 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. #CyberSecurity #InfoSec #PenTesting #TryHackMe #CyberSecurityJobs https://t.co/loqf4Pylmk #tryhackme via @realtryhackme
@db_xix
14 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/3L9UJxigsT #tryhackme via @realtryhackme Github repo: https://t.co/QbvnAC189o I was stuck. Thanks @TylerRamsbey day 27
@thakreyrok
11 Aug 2025
3 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qiuwIbABfT #tryhackme via @realtryhackme
@0xSubrat
9 Aug 2025
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 New Templates Bounty Issue 💰 CVE-2024-21413 - CVE-2024-21413 💰 👾 Issue: https://t.co/uDTFBrEWMD #bugbounty #NucleiTemplates #cve #opensource
@pdnuclei
2 Jul 2025
1077 Impressions
1 Retweet
13 Likes
2 Bookmarks
0 Replies
0 Quotes
Finished a full walkthrough of the serious Moniker Link vulnerability (CVE-2024-21413), from how the attack works, to the coding behind it, and how to detect and defend against it. #tryhackme https://t.co/QTkkh4xxcS
@szewailaw_lis
1 Jul 2025
394 Impressions
0 Retweets
30 Likes
1 Bookmark
2 Replies
0 Quotes
Monicker Link (CVE-2024-21413) -- Share your achievement https://t.co/kNBk0iFg9V #tryhackme via @realtryhackme
@michaellearns_
26 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC of CVE-2024-21413 وحدة من ثغرات الـoutlook اللي من خلالها تقدر تسوي bypass للـsecurity mechanism للـoutlook عن طريق الـhyperlink بدل ما يكون الرابط كذا https://t.co/kkDEvtcKbH يصير يوصل الضحية
@PTShatha511
20 Jun 2025
3519 Impressions
1 Retweet
53 Likes
57 Bookmarks
1 Reply
0 Quotes
🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit: https://t.co/SbW4G81mO8 https://t.co/IW6zmnngRE
@DarkWebInformer
5 May 2025
44523 Impressions
187 Retweets
962 Likes
481 Bookmarks
4 Replies
5 Quotes
🎯Wrapped up Moniker Link on @TryHackMe! Mastered CVE-2024-21413 by exploiting Outlook’s Protected View to leak creds and learning how to stay secure.🧠 🙏Huge thanks to @allenharper for the opportunity! #OutlookExploit #ThreatHunting #RedTeam https://t.co/uhLbOPBpJk
@707_Roi
7 Apr 2025
39 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-21413 | Microsoft Outlook Remote Code Execution https://t.co/KdcRILuLOB
@Domenech97
26 Mar 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Day 92 of #100DaysOfCybersecurity @jay_hunts @segoslavia Explored the Moniker Link room on TryHackMe and learned about CVE-2024-21413, an Outlook vulnerability allowing NTLM hash leaks & RCE via malicious links. Tested it using Responder & a Python script with smtplib.
@Babatunde739
17 Mar 2025
84 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Moniker link vulnerability with the assigned CVE of CVE-2024-21413 the way of attacking vulnerabiliry https://t.co/tC0BE1x4yD
@akdknfndekdkkdn
15 Mar 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Is your organization using Outlook? Is it up to date? It is a good practice to always use the latest versions of the apps. If not, be sure to always download security updates. There are versions of Outlook that are vulnerable to Moniker Link (CVE-2024-21413).
@blue_squ1rrel
13 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Vulnerability #CVE202421413 CVE-2024-21413 (CVSS 9.8): Critical Outlook Flaw Under Active Attack, PoC Available https://t.co/9nSJAXD4kr
@Komodosec
9 Mar 2025
94 Impressions
1 Retweet
1 Like
2 Bookmarks
0 Replies
0 Quotes
Microsoft Outlook の脆弱性 CVE-2024-21413:積極的な悪用と CISA KEV 登録 https://t.co/N7XOQHd9UD Microsoft Outlook の RCE 脆弱性 CVE-2024-21413 が、CISA KEV に登録されました。この脆弱性は、すでに PoC… https://t.co/dQKhhqsiSi
@iototsecnews
17 Feb 2025
43 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Die US-Sicherheitsbehörde #CISA warnt vor einer akuten Bedrohung: Eine kritische Sicherheitslücke in #Microsoft #Outlook (CVE-2024-21413) wird derzeit aktiv von Cyberkriminellen ausgenutzt. https://t.co/XBhJ4aMuW8
@it__security
14 Feb 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical #Microsoft Outlook Vulnerability (#CVE-2024-21413) Actively Exploited in Attacks – CISA Warns https://t.co/1aF3goF4H4
@UndercodeUpdate
14 Feb 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "45A9ECE7-F173-47AB-A420-0B6F64A04D21"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "14D63E3F-A431-4DD8-979F-811E8DAC423D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD"
}
],
"operator": "OR"
}
]
}
]