FILE Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Rule ID

1232367

Severity

Critical

Description

The vulnerability results from the receipt of a crafted Outlook MSG file where the "PidLidReminderFileParameter" - a message property that accepts a universal naming convention (UNC) path - is set to an attacker-controlled resource.

Impact

Privilege escalation

Recommendation

Update vendor's patch.

IPS Category

File vulnerabilities

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

CVE-2023-23397

T1068

T0819

Keyword

Windows Server 2019;

Created At

2023/03/16

Updated At

2023/03/16

This website uses cookies to ensure you get the best experience on our website.

Learn more