FILE Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)
Rule ID
1232367
Severity
Critical
Description
The vulnerability results from the receipt of a crafted Outlook MSG file where the "PidLidReminderFileParameter" - a message property that accepts a universal naming convention (UNC) path - is set to an attacker-controlled resource.
Impact
Privilege escalation
Recommendation
Update vendor's patch.
IPS Category
File vulnerabilities
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
Reference
Keyword
Windows Server 2019;
Created At
2023/03/16
Updated At
2023/03/16
This website uses cookies to ensure you get the best experience on our website.
Learn more