CVE-2024-21413
Published Feb 13, 2024
Last updated 16 days ago
AI description
CVE-2024-21413 is a critical remote code execution (RCE) vulnerability affecting Microsoft Outlook. It is classified as an "Improper Input Validation Vulnerability". The vulnerability arises from how Outlook processes certain URLs, especially those using the file:// protocol and crafted URL structures. This "MonikerLink" bug allows attackers to bypass the Office Protected View feature and execute arbitrary code on a victim's machine, potentially leading to system compromise, data exfiltration, or malware installation. This can be achieved by sending a malicious email, and in some cases, simply previewing the email is enough to trigger the exploit.
- Description
- Microsoft Outlook Remote Code Execution Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- Products
- 365_apps, office_2016, office_2019, office_long_term_servicing_channel
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Microsoft Outlook Improper Input Validation Vulnerability
- Exploit added on
- Feb 6, 2025
- Exploit action due
- Feb 27, 2025
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- secure@microsoft.com
- CWE-20
- nvd@nist.gov
- NVD-CWE-noinfo
- Hype score
- Not currently trending
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/coLALMH5WM #tryhackme via @tryhackme
@PixelMach1
12 Nov 2025
17 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/1HiDcIuIxO #tryhackme via @tryhackme #BarbosSecurity
@BarbosSecurity
10 Nov 2025
6 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/3HfKWAFH5g #tryhackme via @tryhackme
@8ugst3r
10 Nov 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/m8IZpQmPOg #tryhackme via @tryhackme
@icantbenobody
9 Nov 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/myr0BJo6Ai #tryhackme via @tryhackme
@305_Rockett
9 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/eUQc480bHQ #tryhackme via @tryhackme
@sanjeevbadhan34
5 Nov 2025
50 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/FvwSZ7OVlI #tryhackme via @tryhackme
@__ART3MISS
3 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I started the Exploitation Basics module on @tryhackme and covered the Moniker Link (CVE-2024-21413) . Learnt how a specially formed email link can trick Outlook into leaking NTLM credentials. https://t.co/g4xRQdH0jT
@its_priscy28
2 Nov 2025
55 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/XvKRbJO0RU #tryhackme a través de @tryhackme
@l0ngh0
1 Nov 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/JmSP7nxpTk #tryhackme via @tryhackme
@Rishabh09joshi
27 Oct 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on @tryhackme. CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/ItPjsy6fpD #tryhackme via @tryhackme
@devnotindian
24 Oct 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wO4Ddd0FWb #tryhackme via @tryhackme https://t.co/YbFTlYiAmh
@intel_ears
23 Oct 2025
113 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VBzyL8Z9td #tryhackme @tryhackmeより
@memorinosub
23 Oct 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Analyzed CVE-2024-21413 (MonikerLink). A critical RCE in Outlook that bypasses security via crafted monikers to leak NTLM hashes. Understanding the exploit chain is key to defense.#CVE202421413 Share your achievement https://t.co/JdBdkteht6 #tryhackme via @realtryhackme
@AnmolLa98614976
12 Oct 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/xijTwoYmOG #tryhackme via @realtryhackme
@with_nomii
10 Oct 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/eNyhuCKyfD #tryhackme via @realtryhackme
@lguerramx
9 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/tLEnwVohsn #tryhackme via @realtryhackme
@CyberAdeola
9 Oct 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/IiifJnlIFN #tryhackme via @realtryhackme
@jzcorpo
9 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/NDzzd789nq #tryhackme via @realtryhackme
@ch63179440
9 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/pELX6ugnGx #tryhackme via @realtryhackme
@kbadvani
6 Oct 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/v9pIZs4qrn #tryhackme @realtryhackmeより
@keiworks46
5 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Just finished the “Mon!ker Link (CVE-2024-21413)” room on Tryhackme. Here’s a quick breakdown of what MonikerLink is and why it matters https://t.co/nCAMJEUmZS
@Cyb3rOps_
2 Oct 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
Day-29 #hackers @realtryhackme #monikerlink I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/dTFfDQbqe3 #tryhackme via @realtryhackme
@VikramJata5395
29 Sept 2025
64 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/c94MEKSbbO #tryhackme via @realtryhackme
@UgwuanyiEmeka3
28 Sept 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/2aVuzFGDfT #tryhackme via @realtryhackme
@HuhHowAboutThis
24 Sept 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/Iv6HdXFfhu #tryhackme via @realtryhackme
@R3dF0x1c
23 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/v25ploq1mF #tryhackme via @realtryhackme
@monark0x
23 Sept 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wl8Ya1EwGE #tryhackme via @realtryhackme
@SAguirre79361
23 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/fT0WtIhcEI #tryhackme @realtryhackmeより
@Hakui_note
21 Sept 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/fECx3KnTOx #tryhackme via @realtryhackme
@MakInformatique
15 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/wcZsPYO1CD #tryhackme via @realtryhackme
@StarkesWeb
14 Sept 2025
73 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/49w4nwXQdb #tryhackme via @realtryhackme
@zeo_stunner
5 Sept 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/7KMAD3Ad1Q #tryhackme via @realtryhackme
@sanjeevbadhan34
31 Aug 2025
97 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/xpfxUWXuCX #tryhackme via @realtryhackme
@SecQuestNinja
27 Aug 2025
106 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/SLAbNv0mjy #tryhackme via @realtryhackme
@brain_codeur
24 Aug 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/CccqFA86Pz #tryhackme via @realtryhackme
@dskhaikh777
24 Aug 2025
93 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Day 14 of my #LearnInPublic #CyberSecurity journey TryHackMe – CVE-2024-21413: Bypassing Outlook’s Protected View Leaking credentials from Outlook Detection & mitigation Burp Suite: More PortSwigger labs HTTP request/response analysis https://t.co/zY4F7nSLUh
@prxdhxman
22 Aug 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/sTT92ZhXlE #tryhackme via @realtryhackme
@fola790
19 Aug 2025
40 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qILWfTMOTB #tryhackme via @realtryhackme
@whatthecoconutt
18 Aug 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/VjH3ij8Czx #tryhackme via @realtryhackme
@shawnmsoles
16 Aug 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Just learnt about Moniker Link (CVE-2024-21413) that led to exposed user's credentials using CVE-2024-21413 to bypass Outlook's Protected View Remediations: * Do not click random links * Preview links before clicking them * Forward suspicious emails to the respective department
@0x4d1ty4
14 Aug 2025
30 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. #CyberSecurity #InfoSec #PenTesting #TryHackMe #CyberSecurityJobs https://t.co/loqf4Pylmk #tryhackme via @realtryhackme
@db_xix
14 Aug 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/3L9UJxigsT #tryhackme via @realtryhackme Github repo: https://t.co/QbvnAC189o I was stuck. Thanks @TylerRamsbey day 27
@thakreyrok
11 Aug 2025
3 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
I just completed Moniker Link (CVE-2024-21413) room on TryHackMe. Leak user's credentials using CVE-2024-21413 to bypass Outlook's Protected View. https://t.co/qiuwIbABfT #tryhackme via @realtryhackme
@0xSubrat
9 Aug 2025
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 New Templates Bounty Issue 💰 CVE-2024-21413 - CVE-2024-21413 💰 👾 Issue: https://t.co/uDTFBrEWMD #bugbounty #NucleiTemplates #cve #opensource
@pdnuclei
2 Jul 2025
1077 Impressions
1 Retweet
13 Likes
2 Bookmarks
0 Replies
0 Quotes
Finished a full walkthrough of the serious Moniker Link vulnerability (CVE-2024-21413), from how the attack works, to the coding behind it, and how to detect and defend against it. #tryhackme https://t.co/QTkkh4xxcS
@szewailaw_lis
1 Jul 2025
394 Impressions
0 Retweets
30 Likes
1 Bookmark
2 Replies
0 Quotes
Monicker Link (CVE-2024-21413) -- Share your achievement https://t.co/kNBk0iFg9V #tryhackme via @realtryhackme
@michaellearns_
26 Jun 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
PoC of CVE-2024-21413 وحدة من ثغرات الـoutlook اللي من خلالها تقدر تسوي bypass للـsecurity mechanism للـoutlook عن طريق الـhyperlink بدل ما يكون الرابط كذا https://t.co/kkDEvtcKbH يصير يوصل الضحية
@PTShatha511
20 Jun 2025
3519 Impressions
1 Retweet
53 Likes
57 Bookmarks
1 Reply
0 Quotes
🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit: https://t.co/SbW4G81mO8 https://t.co/IW6zmnngRE
@DarkWebInformer
5 May 2025
44523 Impressions
187 Retweets
962 Likes
481 Bookmarks
4 Replies
5 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "45A9ECE7-F173-47AB-A420-0B6F64A04D21"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*",
"vulnerable": true,
"matchCriteriaId": "241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"
},
{
"criteria": "cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*",
"vulnerable": true,
"matchCriteriaId": "14D63E3F-A431-4DD8-979F-811E8DAC423D"
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD"
}
],
"operator": "OR"
}
]
}
]