Detections
Analytics
CVE-2023-23397
critical
Description
Microsoft Outlook Elevation of Privilege Vulnerability
From the Tenable Blog
Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)
Published: 2023-03-14
Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.
References
https://www.infosecurity-magazine.com/news/western-logistics-tech-firms/
https://www.theregister.com/2025/05/21/russias_fancy_bear_alert/
https://www.securityweek.com/cisa-says-russian-hackers-targeting-western-supply-lines-to-ukraine/
https://www.databreachtoday.com/russian-intelligence-hackers-stalk-western-logistics-firms-a-28449
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-141a
https://thehackernews.com/2025/05/russian-hackers-exploit-email-and-vpn.html
https://cyberscoop.com/russian-apt28-cyberattacks-target-western-logistics-ukraine/
https://www.welivesecurity.com/en/eset-research/operation-roundpress/
https://www.darkreading.com/cyberattacks-data-breaches/multiple-group-exploiting-ntlm-flaw
https://www.theregister.com/2025/02/25/new_ics_malware_dragos/
https://hackread.com/microsoft-badpilot-campaign-seashell-blizzard-usa-uk/
https://www.theregister.com/2025/02/12/russias_sandworm_caught_stealing_credentials/
https://therecord.media/sandworm-subgroup-russia-europe
https://thehackernews.com/2025/02/microsoft-uncovers-sandworm-subgroups.html
https://www.darkreading.com/application-security/microsoft-ntlm-zero-day-remain-unpatched-april
https://securelist.com/exploits-and-vulnerabilities-q3-2024/114839/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-317a
https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html
https://securityintelligence.com/x-force/itg05-leverages-malware-arsenal/
https://thehackernews.com/2024/02/cybersecurity-agencies-warn-ubiquiti.html?&web_view=true
https://thehackernews.com/2023/12/beware-experts-reveal-new-details-on.html
https://thehackernews.com/2023/12/russian-apt28-hackers-targeting-13.html?&web_view=true
https://securityaffairs.com/155420/apt/apt8-exploited-outlook-0day-target-nato.html
https://unit42.paloaltonetworks.com/russian-apt-fighting-ursa-exploits-cve-2023-233397/
https://meterpreter.org/proofpoint-uncovers-ta422-apt28s-dedicated-phishing-exploitation-loop/
https://therecord.media/unpatched-microsoft-outlook-email-attacks-fancy-bear
https://thehackernews.com/2023/03/from-ransomware-to-cyber-espionage-55.html
https://www.mandiant.com/resources/blog/zero-days-exploited-2022
Details
Published: 2023-03-14
Updated: 2025-03-13
Named Vulnerability: Zero ClickNamed Vulnerability: Pass-the-HashNamed Vulnerability: Outlook zero-day vulnerabilityNamed Vulnerability: Microsoft Outlook flawNamed Vulnerability: Microsoft Outlook Zero-DayNamed Vulnerability: Microsoft Outlook VulnerabilityNamed Vulnerability: Microsoft Outlook Elevation of PrivilegeNamed Vulnerability: Meeting MayhemKnown Exploited Vulnerability (KEV)
Risk Information
CVSS v2
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Severity: Critical
CVSS v3
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: Critical
EPSS
EPSS: 0.93547
Vulnerability Watch
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability of Interest