CVE-2023-23397

Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. Vendor/Product: Microsoft Office. Added to CISA KEV 2023-03-14; required action: Apply updates per vendor instructions.