CVE-2023-35619
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2023-35619 is a new spoofing vulnerability affecting Microsoft Outlook for Mac. This issue allows an attacker to manipulate the email preview text in such a way that it appears to come from a trusted source, potentially tricking users into revealing sensitive information or clicking on malicious links. Although Microsoft Outlook for Mac does not support ActiveX or VBA macros, this vulnerability demonstrates the importance of email security and the need for users to exercise caution when handling emails, even from seemingly trusted senders. Attackers can exploit this flaw through specially crafted emails and may use social engineering tactics to gain access to sensitive data or infiltrate corporate networks. Users are advised to update their Microsoft Outlook for Mac software to the latest version and enable two-factor authentication for their email accounts to mitigate the risk of falling victim to this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- Microsoft
Advisories, Assessments, and Mitigations
Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future
- Gain complete coverage of your cyber, third party, and physical attack surface
- Proactively mitigate threats before they turn into costly attacks
- Make fast, effective, data-driven decisions