cve/2023/CVE-2023-23397.md

### [CVE-2023-23397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23397)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20LTSC%202021&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Outlook%202013%20Service%20Pack%201&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Outlook%202016&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=15.0.0.0%3C%2015.0.5537.1000%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5387.1000%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)

### Description

Microsoft Outlook Elevation of Privilege Vulnerability

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xMarcio/cve
- https://github.com/0xsyr0/OSCP
- https://github.com/20142995/sectool
- https://github.com/3yujw7njai/CVE-2023-23397-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AleHelp/Windows-Pentesting-cheatsheet
- https://github.com/AnaJunquera/FancyBears_RootedCON2023
- https://github.com/BC-SECURITY/Moriarty
- https://github.com/BillSkiCO/CVE-2023-23397_EXPLOIT
- https://github.com/BronzeBee/cve-2023-23397
- https://github.com/CKevens/CVE-2023-23397-POC
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Cyb3rMaddy/CVE-2023-23397-Report
- https://github.com/CyberLab-Thales-Belgium/CTF-BE-Cyber-Command
- https://github.com/GhostTroops/TOP
- https://github.com/Micahs0Day/Micahs0Day
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/Muhammad-Ali007/OutlookNTLM_CVE-2023-23397
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Pushkarup/CVE-2023-23397
- https://github.com/SecCTechs/CVE-2023-23397
- https://github.com/Sicos1977/MsgKit
- https://github.com/SirElmard/ethical_hacking
- https://github.com/TheUnknownSoul/CVE-2023-23397-PoW
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/Trackflaw/CVE-2023-23397
- https://github.com/Vinalti/cve-badge.li
- https://github.com/WidespreadPandemic/NetNTLMv2-and-Office-Docs-Research
- https://github.com/Zeppperoni/CVE-2023-23397-Patch
- https://github.com/abdulr7mann/exploits
- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android
- https://github.com/ahmedkhlief/CVE-2023-23397-POC
- https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook
- https://github.com/alecdhuse/Lantern-Shark
- https://github.com/aleff-github/aleff-github
- https://github.com/aleff-github/my-flipper-shits
- https://github.com/alicangnll/CVE-2023-23397
- https://github.com/alsaeroth/CVE-2023-23397-POC
- https://github.com/aneasystone/github-trending
- https://github.com/anhuisec/CVE-Summary
- https://github.com/api0cradle/CVE-2023-23397-POC-Powershell
- https://github.com/bhavsec/bhavsec
- https://github.com/bkzk/cisco-email-filters
- https://github.com/cleverg0d/CVE-2023-23397-PoC-PowerShell
- https://github.com/cybersecurelabs/cyber-research
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/delivr-to/detections
- https://github.com/djackreuter/CVE-2023-23397-PoC
- https://github.com/febrezo/email-hunter
- https://github.com/grgmrtn255/Links
- https://github.com/grn-bogo/CVE-2023-23397
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/im007/CVE-2023-23397
- https://github.com/izj007/wechat
- https://github.com/j0eyv/CVE-2023-23397
- https://github.com/jacquesquail/CVE-2023-23397
- https://github.com/jake-44/Research
- https://github.com/ka7ana/CVE-2023-23397
- https://github.com/karimhabush/cyberowl
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/m4nbat/KustQueryLanguage_kql
- https://github.com/madelynadams9/CVE-2023-23397-Report
- https://github.com/mmseng/code-compendium
- https://github.com/moneertv/CVE-2023-23397
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/oscpname/OSCP_cheat
- https://github.com/rasmus-leseberg/security-labs
- https://github.com/revanmalang/OSCP
- https://github.com/securiteinfo/expl_outlook_cve_2023_23397_securiteinfo.yar
- https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY
- https://github.com/stevesec/CVE-2023-23397
- https://github.com/taielab/awesome-hacking-lists
- https://github.com/tiepologian/CVE-2023-23397
- https://github.com/vlad-a-man/CVE-2023-23397
- https://github.com/xhref/OSCP
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-23397](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23397)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20365%20Apps%20for%20Enterprise&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%202019&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Office%20LTSC%202021&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Outlook%202013%20Service%20Pack%201&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20Outlook%202016&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=15.0.0.0%3C%2015.0.5537.1000%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=16.0.0.0%3C%2016.0.5387.1000%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=16.0.1%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=19.0.0%3C%20https%3A%2F%2Faka.ms%2FOfficeSecurityReleases%20&color=brighgreen)`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`### Description`

			`Microsoft Outlook Elevation of Privilege Vulnerability`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
Update CVE sources 2024-06-10 18:01 2024-06-10 18:01:06 +00:00			`- https://github.com/0xMarcio/cve`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/0xsyr0/OSCP`
			`- https://github.com/20142995/sectool`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://github.com/3yujw7njai/CVE-2023-23397-POC`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/AleHelp/Windows-Pentesting-cheatsheet`
			`- https://github.com/AnaJunquera/FancyBears_RootedCON2023`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/BC-SECURITY/Moriarty`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/BillSkiCO/CVE-2023-23397_EXPLOIT`
			`- https://github.com/BronzeBee/cve-2023-23397`
			`- https://github.com/CKevens/CVE-2023-23397-POC`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://github.com/Cyb3rMaddy/CVE-2023-23397-Report`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/CyberLab-Thales-Belgium/CTF-BE-Cyber-Command`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/Micahs0Day/Micahs0Day`
			`- https://github.com/Mr-xn/Penetration_Testing_POC`
			`- https://github.com/Muhammad-Ali007/OutlookNTLM_CVE-2023-23397`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/Pushkarup/CVE-2023-23397`
			`- https://github.com/SecCTechs/CVE-2023-23397`
			`- https://github.com/Sicos1977/MsgKit`
			`- https://github.com/SirElmard/ethical_hacking`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/TheUnknownSoul/CVE-2023-23397-PoW`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Threekiii/Awesome-POC`
			`- https://github.com/Threekiii/CVE`
			`- https://github.com/Trackflaw/CVE-2023-23397`
			`- https://github.com/Vinalti/cve-badge.li`
			`- https://github.com/WidespreadPandemic/NetNTLMv2-and-Office-Docs-Research`
			`- https://github.com/Zeppperoni/CVE-2023-23397-Patch`
			`- https://github.com/abdulr7mann/exploits`
			`- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android`
			`- https://github.com/ahmedkhlief/CVE-2023-23397-POC`
			`- https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook`
			`- https://github.com/alecdhuse/Lantern-Shark`
Update CVE sources 2024-06-22 09:37 2024-06-22 09:37:59 +00:00			`- https://github.com/aleff-github/aleff-github`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/aleff-github/my-flipper-shits`
			`- https://github.com/alicangnll/CVE-2023-23397`
			`- https://github.com/alsaeroth/CVE-2023-23397-POC`
			`- https://github.com/aneasystone/github-trending`
			`- https://github.com/anhuisec/CVE-Summary`
			`- https://github.com/api0cradle/CVE-2023-23397-POC-Powershell`
			`- https://github.com/bhavsec/bhavsec`
			`- https://github.com/bkzk/cisco-email-filters`
			`- https://github.com/cleverg0d/CVE-2023-23397-PoC-PowerShell`
			`- https://github.com/cybersecurelabs/cyber-research`
			`- https://github.com/d4n-sec/d4n-sec.github.io`
			`- https://github.com/delivr-to/detections`
			`- https://github.com/djackreuter/CVE-2023-23397-PoC`
			`- https://github.com/febrezo/email-hunter`
			`- https://github.com/grgmrtn255/Links`
			`- https://github.com/grn-bogo/CVE-2023-23397`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/hktalent/bug-bounty`
			`- https://github.com/im007/CVE-2023-23397`
			`- https://github.com/izj007/wechat`
			`- https://github.com/j0eyv/CVE-2023-23397`
			`- https://github.com/jacquesquail/CVE-2023-23397`
			`- https://github.com/jake-44/Research`
			`- https://github.com/ka7ana/CVE-2023-23397`
			`- https://github.com/karimhabush/cyberowl`
			`- https://github.com/kgwanjala/oscp-cheatsheet`
			`- https://github.com/lions2012/Penetration_Testing_POC`
			`- https://github.com/m4nbat/KustQueryLanguage_kql`
			`- https://github.com/madelynadams9/CVE-2023-23397-Report`
			`- https://github.com/mmseng/code-compendium`
			`- https://github.com/moneertv/CVE-2023-23397`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/oscpname/OSCP_cheat`
			`- https://github.com/rasmus-leseberg/security-labs`
			`- https://github.com/revanmalang/OSCP`
			`- https://github.com/securiteinfo/expl_outlook_cve_2023_23397_securiteinfo.yar`
			`- https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY`
			`- https://github.com/stevesec/CVE-2023-23397`
			`- https://github.com/taielab/awesome-hacking-lists`
			`- https://github.com/tiepologian/CVE-2023-23397`
			`- https://github.com/vlad-a-man/CVE-2023-23397`
			`- https://github.com/xhref/OSCP`