Critical active threat
CVE-2023-23397 Microsoft Office Outlook Privilege Escalation
- Actively exploited (CISA KEV)
- CVSS 9.8
- Listed on CISA KEV
- Potential privilege escalation to admin/root
Microsoft Office Privilege Escalation is on CISA KEV — confirmed in-the-wild exploitation. Expect continued targeting while the issue remains on the catalog.