Update README.MD

nu11secur1ty · Mar 20, 2024 · 3f5f00f · 3f5f00f
1 parent a6b24ee
commit 3f5f00f
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/2024/CVE-2024-21413/README.MD b/2024/CVE-2024-21413/README.MD
@@ -2,5 +2,21 @@
 
 ![](https://github.com/nu11secur1ty/CVE-mitre/blob/main/2024/CVE-2024-21413/docs/Screenshot%202024-03-20%20123756.png)
 
+## Title: Microsoft Outlook Remote Code Execution Vulnerability
+## Author: nu11secur1ty
+## Date: 03/20/2024
+## Vendor: https://www.microsoft.com/
+## Software: https://www.microsoft.com/en/microsoft-365/outlook/email-and-calendar-software-microsoft-outlook
+## Reference: https://www.bugcrowd.com/glossary/remote-code-execution-rce/
 
+## Description:
+By sending a malicious (.docm) file, to the victim using the Outlook mail – app of 365, the attacker will wait for the victim to click on it by using and executing his malicious code after the victim opens this file. After this action, the attacker can get control of some parts of the Windows services, he can steal sensitive information, and make a bot machine from the victim’s PC.
 
+STATUS: MEDIUM- Vulnerability
+
+
+## Proof and Exploit:
+[href](https://youtu.be/uzAgkP6exGI?si=347wEcTyIzkG0MMY)
+
+## Time spent:
+01:17:00