| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2024-20670 | Outlook for Windows Spoofing Vulnerability | Microsoft Outlook | Important | 23-04-2024 |
Technical Information
The attacker sends a specially crafted emails for establishing a connection to attacker’s controlled network and it could leak Net-NTLMv2 hashes to the attacker, which then can be used to authenticate themself as a authenticated user to services.
Patch release date: Apr 09, 2024
Further information on this vulnerability is available at : CVE-2024-20670