CVE-2024-21378

HIGH

Microsoft 365 Apps - Code Injection

Title source: rule

Description

Microsoft Outlook Remote Code Execution Vulnerability

Exploits (2)

nomisec WORKING POC 9 stars
by d0rb · poc
https://github.com/d0rb/CVE-2024-21378

References (1)

Scores

CVSS v3 8.8
EPSS 0.2203
EPSS Percentile 95.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-94
Status published
Products (4)
microsoft/365_apps
microsoft/office 2019
microsoft/office_long_term_servicing_channel 2021
microsoft/outlook 2016
Published Feb 13, 2024
Tracked Since Feb 18, 2026