CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-38021

Medium Severity
Microsoft
SVRS
36/100
CVSSv3
8.8/10
EPSS
0.10927/1

CVE-2024-38021 is a Microsoft Outlook Remote Code Execution Vulnerability that could allow attackers to execute arbitrary code on vulnerable systems. Despite a CVSS score of 8.8, SOCRadar's Vulnerability Risk Score (SVRS) is 36, indicating a lower real-world threat level despite its technical severity. This vulnerability arises from improper input validation in Outlook, potentially enabling attackers to gain control through specially crafted emails. Successful exploitation could lead to system compromise and data theft. Although the CVSS score suggests high severity, the relatively low SVRS implies that the threat might not be actively exploited in the wild at a high rate, but patching remains crucial. Organizations should prioritize patching based on their specific threat landscape and the presence of the "In The Wild" tag, indicating observed exploitation. The risk includes potential disruption and unauthorized access if left unaddressed.

TAGS
In The Wild
Vendor-advisory
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:R
S:U
C:H
I:H
A:H
E:U
RL:O
RC:C
PUBLICATION DATE2025-03-11
LAST MODIFIED2024-07-09
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-38021 is a remote code execution vulnerability in Microsoft Outlook. The vulnerability allows an attacker to execute arbitrary code on a victim's computer by sending a specially crafted email. The SVRS for this vulnerability is 36, indicating a moderate risk.

Key Insights

  • This vulnerability is actively exploited in the wild, meaning that hackers are actively using it to attack computers.
  • The vulnerability affects all versions of Microsoft Outlook.
  • The Cybersecurity and Infrastructure Security Agency (CISA) has warned of the vulnerability, calling for immediate and necessary measures.

Mitigation Strategies

  • Update Microsoft Outlook to the latest version.
  • Disable macros in email attachments.
  • Be cautious of emails from unknown senders.
  • Use a firewall to block unauthorized access to your computer.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-38021 | Microsoft Office input validation
vuldb.com2025-03-19
CVE-2024-38021 | Microsoft Office input validation | A vulnerability was found in Microsoft Office. It has been classified as critical. This affects an unknown part. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-38021. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com
rss
forum
news
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
Ajit Jasrotia2024-11-13
Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs | Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated […] The post Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs
allhackernews.com
rss
forum
news
Tageszusammenfassung - 19.08.2024
CERT.at2024-08-19
Tageszusammenfassung - 19.08.2024 | End-of-Day report Timeframe: Freitag 16-08-2024 18:00 - Montag 19-08-2024 18:00 Handler: Michael Schlagenhaufer Co-Handler: n/a News Nachbetrachtung: Windows und die TCP-IP-Schwachstelle CVE-2024-38063 Zum 13. August 2024 wurde die 0-day-Schwachstelle CVE-2024-38063 in Windows bekannt. Es handelt sich um eine Remote-Code-Execution-Schwachstelle in der TCP/IP-Implementierung von Windows steckt. Angreifer können über IPv6-Pakete einen Host kompromittieren und dort Code ausführen. Weben der Bewertung mit
cve-2024-38021
cve-2024-1737
cve-2024-7646
cve-2024-38063
The July 2024 Security Update Review
Dustin Childs2024-07-09
The July 2024 Security Update Review | We’re just past the halfway point of 2024, and as expected, Microsoft and Adobe have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather watch the full video recap covering the entire release, you can check it out here: Adobe Patches for July 2024For July, Adobe released three
cve-2024-37977
cve-2024-38051
cve-2024-38015
cve-2024-38054
Technical Analysis: CVE-2024-38021
Arnold Osipov2024-08-19
Technical Analysis: CVE-2024-38021 | Recently, Morphisec researchers discovered a vulnerability in Microsoft Outlook that can lead to remote code execution (RCE). This vulnerability, identified as
morphisec.com
rss
forum
news
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited - The Hacker News
2024-07-10
Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited - The Hacker News | News Content: Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser over the past month. The two security shortcomings that have come under exploitation are below - CVE
google.com
rss
forum
news
Tageszusammenfassung - 10.07.2024
CERT.at2024-07-10
Tageszusammenfassung - 10.07.2024 | End-of-Day report Timeframe: Dienstag 09-07-2024 18:00 - Mittwoch 10-07-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a News Ticket Heist network of 700 domains sells fake Olympic Games tickets A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. https://www.bleepingcomputer.com/news/security/ticket-heist-network-of-700-domains-sells-fake-olympic-games-tickets/
cve-2024-38021
domains
urls
cves

Social Media

Maybe it will assist Rahul Dahiwadkar with CVE-2024-38021? Or how many of these phishing emails with code execution and pixel trackers is he going to send to me and everyone else exactly? 🤔😁 "5,Ruwal Shrushti 411045 Pune Maharashtra Country IN Phone +91.7387422225 E-mail
0
0
0
5. CVE-2024-38021: https://t.co/ownNrTjqWC https://t.co/tzJJyHm9Q0
1
0
0
8) Researcher Uncovers Critical Microsoft Outlook Vulnerability: Zero-Click Exploit Puts Systems at Risk Morphisec researchers have disclosed a critical vulnerability in Microsoft Outlook, identified as CVE-2024-38021, which allows remote attackers to execute arbitrary code on
1
0
0
New CVE-2024-38021 and CVE-2024-21413 both for Microsoft Outlook RCE Vulnerability has been published! #vulnerability #cybersecuritytips #cybersecurity #cyberattacks #POST #newpost https://t.co/pphyIdixI0
0
0
0
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021) https://t.co/tpGrathHV0
0
0
0
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021) Learn about a critical vulnerability in Microsoft Outlook (CVE-2024-38021). Understand the potential risks and how to mitigate them. https://t.co/4ZSXqmNw1D
0
0
0
Updated Post: Critical Outlook Vulnerability CVE-2024-38021 Requires Immediate Action https://t.co/hAdJSqrphk https://t.co/UGn5ItYDpP
0
0
0
Track 4 (1600) "Outlook Unleashing RCE Chaos: CVE-2024-30103 & CVE-2024-38021" #defcon32
0
0
1
CVE-2024-38021: Moniker RCE Vulnerability Uncovered in Microsoft Outlook https://t.co/M6HrEpSAVg
0
0
0
CVE-2024-38021: Moniker RCE Vulnerability Uncovered in Microsoft Outlook https://t.co/1lCtvk7TVk
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
AppMicrosoft365_apps
AppMicrosoftoffice_long_term_servicing_channel
AppMicrosoftoffice

References

ReferenceLink
[email protected]https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38021
MICROSOFT OUTLOOK REMOTE CODE EXECUTION VULNERABILITYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38021

CWE Details

CWE IDCWE NameDescription
CWE-20Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence