<< Back
CVE Number Vulnerability Product Severity Date
CVE-2024-20670 Outlook for Windows Spoofing Vulnerability Microsoft Outlook Important 23-04-2024

Technical Information

The attacker sends a specially crafted emails for establishing a connection to attacker’s controlled network and it could leak Net-NTLMv2 hashes to the attacker, which then can be used to authenticate themself as a authenticated user to services.

Patch release date: Apr 09, 2024
Further information on this vulnerability is available at : CVE-2024-20670

Affected Software

Outlook for Windows