CVE-2023-23397: Outlook NTLM Credential Theft

Score: 9.8
CRITICAL
Published: 2023-03-14Affected: Microsoft Outlook for WindowsCWE-294 β†—

Can Outlook leak credentials without opening email?

A critical zero-click vulnerability where a specially crafted email triggers an NTLM authentication request to an attacker-controlled SMB server. The victim does not need to open or preview the email β€” receiving it is sufficient for exploitation.

Impact & Exploitation

Exploited by Russian military intelligence (GRU). No user interaction required. Email receipt alone triggers credential theft, enabling lateral movement and domain compromise.

Related Resources

πŸ”— External References

Precogs Logo

Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.

Base Score

CVSS9.8
SeverityCRITICAL
CWECWE-294
Published2023-03-14

Tags

outlookntlmzero-clickemail

Quick Links

Is your system affected?

Precogs AI detects Outlook NTLM Credential Theft in compiled binaries and firmware β€” even without source code.

Request Deep Analysis

Is Your System Still Exposed to Critical CVEs?

Vulnerabilities like CVE-2023-23397 Outlook NTLM Credential Theft don’t just exist in source code β€” they persist in compiled binaries, containers, and embedded systems. Precogs AI detects vulnerable components across your entire stack β€” even when source code isn’t available.

Request Deep AnalysisBook a demo