CVE-2025-47176

描述： ‘…/…//‘ in Microsoft Office Outlook allows an authorized attacker to execute code locally.

---

Description

This proof-of-concept (PoC) demonstrates the CVE-2025-47176 vulnerability simulation. It injects a crafted mail item into Outlook containing a malicious sync path that triggers an action during scanning.

IMPORTANT:
This PoC simulates the vulnerable Outlook path parsing and triggers a system restart when the malicious path is detected.

---

Additional Testing with malicious.prf

You can also test this PoC by importing a crafted Outlook Profile File (malicious.prf):

1. Place malicious.prf in the same folder as PoC.py.

2. Run Outlook with the import command:

      & "C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE" /importprf malicious.prf
   
   
   ## Usage
   
   1. Ensure you have Outlook installed and configured on your Windows machine.
   2. Run the PoC script with Python 3.x (requires `pywin32` package):
      ```powershell
      pip install pywin32
      python PoC.py

3. The script will:

   • Inject a mail item with the malicious sync path.
   • Wait 10 seconds for Outlook to process the mail.
   • Scan Inbox and Drafts folders.
   • Upon detection, normalize the path and trigger a system restart (shutdown /r /t 5).

---

Warning

• This script will restart your computer after 5 seconds once the payload is triggered.
• Save all work before running.
• Test only in a controlled or virtualized environment.
• Do NOT run on production or important systems.

---

Files

• PoC.py - The Python proof-of-concept script.
• README.md - This file.

---

License

This PoC is provided for educational and research purposes only.

Use responsibly and ethically.

Reproduce:

href

Source:

href

Buy me a coffee if you are not ashamed:

href

Time spent:

03:35:00