Skip to main content

Outlook CVE-2022-24480

MEDIUM
2022-12-13 secure@microsoft.com
6.3
CVSS 3.1 · Vendor: microsoft
Share

Severity by source

Vendor (microsoft) PRIMARY
6.3 MEDIUM
AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from Vendor (microsoft) · only source for this CVE.

CVSS VectorVendor: microsoft

CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Physical
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 13, 2022 - 19:15 cve.org
MEDIUM 6.3

DescriptionCVE.org

Outlook for Android Elevation of Privilege Vulnerability

AnalysisAI

Outlook for Android Elevation of Privilege Vulnerability. Rated medium severity (CVSS 6.3).

Technical ContextAI

Affected products include: Microsoft Outlook.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2013-3870 CRITICAL POC
9.3 Sep 11

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrar

CVE-2017-8506 HIGH
7.8 Jun 15

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in m

CVE-2024-42220 CRITICAL POC
9.1 Dec 18

A library injection vulnerability exists in Microsoft Outlook 16.83.3 for macOS. Rated critical severity (CVSS 9.1), thi

CVE-2023-33131 HIGH POC
8.8 Jun 14

Microsoft Outlook Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely ex

CVE-2016-3278 HIGH
7.8 Jul 13

Microsoft Outlook 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a craf

CVE-2017-8507 HIGH
7.8 Jun 15

A remote code execution vulnerability exists in the way Microsoft Office software parses specially crafted email message

CVE-2024-30103 HIGH
8.8 Jun 11

Microsoft Outlook Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely ex

CVE-2020-37188 HIGH POC
7.5 Feb 11

SpotOutlook 1.2.6 contains a denial of service vulnerability in the registration name input field that allows attackers

CVE-2017-8663 HIGH
7.8 Aug 01

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Mic

CVE-2017-11776 HIGH
7.5 Oct 13

Microsoft Outlook 2016 allows an attacker to obtain the email content of a user, due to how Outlook 2016 discloses user

CVE-2025-47171 MEDIUM POC
6.7 Jun 10

Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute code locally.

CVE-2017-8571 HIGH
7.8 Aug 01

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, and Outlook 2016 as packaged in Mic

Share

CVE-2022-24480 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy