CVE-2023-23397

ENISA EUVD: EUVD-2023-27497 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 3, 2026 20 articles Published: 2023-03-14

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-23

93.49%

probability

This CVE has a 93.49% probability of being exploited in the next 30 days.

0% Top 99.8th percentile of all CVEs 100%

CVSS v3.1

Source: VulnerabilityLookup (CIRCL)

9.8

CRITICAL

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Temporal

Exploit Code Maturity

Functional

Remediation Level

Official Fix

Report Confidence

Confirmed

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

Description

NVD

Microsoft Outlook Elevation of Privilege Vulnerability

Affected Products

Microsoft

Microsoft Office LTSC 2021

16.0.1

Microsoft

Microsoft Outlook 2016

16.0.0.0

Microsoft

Microsoft 365 Apps for Enterprise

16.0.1

Microsoft

Microsoft Office 2019

19.0.0

Microsoft

Microsoft Outlook 2013 Service Pack 1

15.0.0.0

microsoft

365 apps

microsoft

office

microsoft

office long term servicing channel

microsoft

outlook

Microsoft

Microsoft Office 2019

19.0.0 <https://aka.ms/OfficeSecurityReleases

Microsoft

Microsoft Office LTSC 2021

16.0.1 <https://aka.ms/OfficeSecurityReleases

Microsoft

Microsoft 365 Apps for Enterprise

16.0.1 <https://aka.ms/OfficeSecurityReleases

Microsoft

Microsoft Outlook 2016

16.0.0.0 <16.0.5387.1000

Microsoft

Microsoft Outlook 2013 Service Pack 1

15.0.0.0 <15.0.5537.1000

Attack Intelligence

CWE-1390 · Weak Authentication CWE-20 · Improper Input Validation CWE-284 · Improper Access Control CWE-287 · Improper Authentication CWE-294 · Authentication Bypass by Capture-replay CWE-707 · Improper Neutralization

Google Project Zero

Patched

March 14, 2023

Reported by

CERT-UA, Microsoft Incident, Microsoft Threat Intelligence (MSTI)

Root Cause Analysis

???

Exploits & PoC

api0cradle/CVE-2023-23397-POC-Powershell

345 2023-03-17

sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY

Exploit for the CVE-2023-23397

159 2023-03-15

Trackflaw/CVE-2023-23397

Simple PoC of the CVE-2023-23397 vulnerability with the payload sent by email.

126 2023-03-24

ka7ana/CVE-2023-23397

Simple PoC in PowerShell for CVE-2023-23397

39 2023-03-16

tiepologian/CVE-2023-23397

Proof of Concept for CVE-2023-23397 in Python

25 2023-03-21

Muhammad-Ali007/OutlookNTLM_CVE-2023-23397

22 2023-07-15

BronzeBee/cve-2023-23397

Python script for sending e-mails with CVE-2023-23397 payload using SMTP

14 2023-03-22

djackreuter/CVE-2023-23397-PoC

9 2023-03-18

BillSkiCO/CVE-2023-23397_EXPLOIT

Generates meeting requests taking advantage of CVE-2023-23397. This requires the outlook thick client to send.

7 2023-03-17

vlad-a-man/CVE-2023-23397

CVE-2023-23397 PoC

7 2023-05-07

ahmedkhlief/CVE-2023-23397-POC

Exploit POC for CVE-2023-23397

6 2023-03-17

grn-bogo/CVE-2023-23397

Python script to create a message with the vulenrability properties set

4 2023-03-16

Pushkarup/CVE-2023-23397

This script exploits CVE-2023-23397, a Zero-Day vulnerability in Microsoft Outlook, allowing the generation of malicious emails for testing and educat

4 2023-10-26

alicangnll/CVE-2023-23397

CVE-2023-23397 - Microsoft Outlook Vulnerability

3 2023-03-17

P4x1s/CVE-2023-23397-POC

CVE-2023-23397漏洞的简单PoC，有效载荷通过电子邮件发送。

3 2023-03-31

ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook

2 2023-03-19

j0eyv/CVE-2023-23397

1 2023-03-16

moneertv/CVE-2023-23397

CVE-2023-23397 C# PoC

1 2023-03-18

SecCTechs/CVE-2023-23397

Patch for MS Outlook Critical Vulnerability - CVSS 9.8

1 2023-03-20

Cyb3rMaddy/CVE-2023-23397-Report

An exploitation demo of Outlook Elevation of Privilege Vulnerability

1 2023-03-24

TheUnknownSoul/CVE-2023-23397-PoW

Proof of Work of CVE-2023-23397 for vulnerable Microsoft Outlook client application.

1 2024-03-20

Phaedrik/CVE-2023-23397-POC

Two POCs I created for the CVE-2023-23397 Outlook NTLM vulnerability, to be used internally.

1 2026-01-09

im007/CVE-2023-23397

CVE-2023-23397 Remediation Script (Powershell)

0 2023-03-17

Zeppperoni/CVE-2023-23397-Patch

CVE-2023-23397 powershell patch script for Windows 10 and 11

0 2023-03-24

jacquesquail/CVE-2023-23397

0 2023-03-29

ducnorth2712/CVE-2023-23397

0 2023-12-28

Symbolexe/CVE-2023-23397

CVE-2023-23397: Remote Code Execution Vulnerability in Microsoft Outlook

0 2024-06-22

Gilospy/CVE-2023-23397

Demonstration of CVE-2023-23397 Outlook Privellege Escalation vulnerability

0 2025-05-25

28 repos — triés par ⭐ Rechercher sur GitHub ↗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397

vendor-advisory

Signal Intelligence

Confidenceⓘ

92%

EPSS 93.49%

CVSS v3.1 9.8

Mentions 20

Last Seen Feb 25, 2025

CNA Information

CNA Assigner

microsoft

CNA Title

Microsoft Outlook Elevation of Privilege Vulnerability

Analyst Note

CVE-2023-23397 is a critical Microsoft Outlook elevation of privilege vulnerability with a CVSS score of 9.8, documented by CERT-EU and researched by Google Project Zero, providing strong technical validation. The confirmed status is well-justified by the severity rating and authoritative source documentation, though inclusion in CISA KEV would provide additional confidence.