Vulnerability Monitor

Type: Secondary CWE-20
Type: Primary NVD-CWE-noinfo

The vendors, products, and vulnerabilities you care about

CVE-2024-21413

Microsoft Outlook Remote Code Execution Vulnerability

2024-02-13T18:16:00.137

2025-10-28T14:36:10.643

Analyzed

CVSSv3.1: 9.8 (CRITICAL)

Type	Vendor	Product	Version/Range	Vulnerable?
Application	microsoft	365_apps	-	Yes
Application	microsoft	office_2016	-	Yes
Application	microsoft	office_2016	-	Yes
Application	microsoft	office_2019	-	Yes
Application	microsoft	office_2019	-	Yes
Application	microsoft	office_long_term_servicing_channel	2021	Yes

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 Patch, Vendor Advisory ([email protected])
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21413 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/ Technical Description (af854a3a-2127-422b-91ae-364da2661108)
https://www.vicarius.io/vsociety/posts/cve-2024-21413-critical-monikerlink-vulnerability-affecting-microsoft-outlook-detection-script Exploit (af854a3a-2127-422b-91ae-364da2661108)
https://www.vicarius.io/vsociety/posts/cve-2024-21413-critical-monikerlink-vulnerability-affecting-microsoft-outlook-mitigation-script Mitigation (af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-21413 US Government Resource (134c704f-9b21-4f2e-91b3-4a467353bcc0)