Cyber Security Application Security Worm-like RCE vulnerability found in Microsoft Teams

Worm-like RCE vulnerability found in Microsoft Teams


Oskars Vegeris, a security researcher at Evolution Gaming, discovered a remote code execution vulnerability in the Microsoft Teams enterprise platform that requires no user interaction. The exploitation of the vulnerability allows an attacker to execute arbitrary code by sending a specially crafted chat message and compromise the victim’s system.

The exploitation of the vulnerability results in “a complete loss of confidentiality and integrity for end users – access to private chats, files, internal network, private keys and personal data outside MS Teams.”

Even worse, the RCE vulnerability is cross-platform and affects versions of Microsoft Teams for Windows (v1.3.00.21759), Linux (v1.3.00.16851), macOS (v1.3.00.23764), as well as a web application ( .com). The vulnerability is also worm-like and can spread from a single account to an entire group of users, thereby compromising the entire communication channel.

To exploit the vulnerability, an attacker could combine a cross-site scripting vulnerability in the @mentions functionality in Microsoft Teams and a JavaScript-based RCE payload to publish a seemingly harmless chat message that mentions a user in the form of a direct message or channel.

A simple visit to the chat will execute the payload, allowing it to be used to register user SSO tokens in local storage to steal data and execute any command of the attacker’s choice

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you