CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability

preview_player
Показать описание
Demo of CVE-2023-23397. On the left is the victim opening a malicious Outlook appointment and on the right, the attacker's malicious SMB server steals their NTLM hash.
  1. Make2Break
Рекомендации по теме
CVE-2023-23397: Microsoft Outlook 0:00:25

CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability

How to remediate 0:03:54

How to remediate Microsoft Outlook Elevation of Privilege Vulnerability CVE-2023-23397 immediately !

OUTLOOK ELEVATION OF 0:04:47

OUTLOOK ELEVATION OF PRIVILEGE VULNERABILITY - CVE 2023 23397

CVE-2023-23397 Outlook Privilege 0:11:17

CVE-2023-23397 Outlook Privilege Escalation Walkthrough

Microsoft Outlook Zero-Day 0:01:01

Microsoft Outlook Zero-Day Vulnerability- Elevation of Privilege Vulnerability CVE-2023-23397

Everything you need 0:05:46

Everything you need to know about the Outlook Exploit - Critical Vulnerability CVE-2023-23397

Digging into CVE-2023-23397 0:09:56

Digging into CVE-2023-23397

Microsoft Outlook NTLM 0:16:15

Microsoft Outlook NTLM Vulnerability | CVE-2023-23397 Demo

DarkRelay's POC and 0:02:25

DarkRelay's POC and demo on CVE-2023-23397: Critical Microsoft Outlook vulnerability

Outlook PrivEsc Vulnerability 0:05:35

Outlook PrivEsc Vulnerability CVE 2023 23397

Microsoft Outlook - 0:02:22

Microsoft Outlook - Critical Vulnerability (CVE-2023-23397)

TryHackMe - Outlook 0:48:20

TryHackMe - Outlook NTLM Leak (CVE-2023-23397)

Microsoft Outlook NTLM 0:06:07

Microsoft Outlook NTLM Leak | Walkthrough | TryHackMe | CVE-2023-23397 Security Vulnerability

Russian Malicious Outlook 0:14:13

Russian Malicious Outlook Calendar Invites Targeting Ukraine (CVE-2023-23397) | Threat SnapShot

Microsoft Outlook Elevation 0:01:49

Microsoft Outlook Elevation of Privilege Vulnerability

CVE-2023-23397 Quick & 0:00:42

CVE-2023-23397 Quick & Dirty PoC

Exploiting Outlook CVE-2023-23397 0:10:17

Exploiting Outlook CVE-2023-23397 to Relay Credentials

PHISH Any Outlook 0:12:46

PHISH Any Outlook User [Hands-on]! CVE-2023-23397

#WeeklyCTI - Critical 0:34:49

#WeeklyCTI - Critical Vulnerability in Microsoft Outlook Client

Live Hacking Outlook 0:02:30

Live Hacking Outlook Schwachstelle CVE-2023-23397

Passworthashes durch ÖFFNEN 0:09:15

Passworthashes durch ÖFFNEN einer E-Mail sammeln? (Die neue Outlook-Lücke CVE-2023-23397)

Outlook NTLM Hash 0:08:54

Outlook NTLM Hash leak || CVE-2023-23397

Outlook Elevation of 0:01:00

Outlook Elevation of Privilege CVE 2023-23397 | The AppSec Insiders Podcast Ep.12

Critical Outlook NTLM 0:03:44

Critical Outlook NTLM Vulnerability (CVE-2023-23397) | Security Spotlight

Комментарии
Автор

The stages involved in resolving issues related to CVE-2023-23397 include:

1. Identification: Recognizing the vulnerability in Microsoft Outlook, in this case, CVE-2023-23397, which is an elevation of privilege vulnerability.

2. Mitigation: Taking steps to mitigate the risks associated with the vulnerability, such as applying security patches or updates provided by Microsoft.

3. Detection: Employing threat hunting techniques to detect any exploitation of the vulnerability, including monitoring for anomalous user activity consistent with credential compromise.

4. Response: Responding to any exploitation attempts, such as investigating and analyzing potential threats and taking appropriate actions to prevent further unauthorized access.

5. Reporting: Reporting any incidents or findings related to the vulnerability to relevant authorities or security teams for further analysis and response.

Overall, the process involves a combination of proactive measures to prevent exploitation, continuous monitoring for any suspicious activities, and swift response to any security incidents related to CVE-2023-23397.

ВиталийОвчаренко-ин
Автор

How did you created that appointment.msg file? I wanted to get the code for creating that exploit.

Xordath