AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
According to the CVSS metric, the attack vector is network (AV:N) and user interaction is required (UI:R). Why does the CVE title indicate that this is information disclosure?

An attacker who successfully exploited this vulnerability could use a malicious email to cause Copilot to present authoritative-looking phishing messages that prompt the user to click links leading to data exfiltration or navigation to a malicious site.

According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H) and some loss of integrity (I:L), but no loss of availability (A:N). What does that mean for this vulnerability?

An attacker who successfully exploited this vulnerability could potentially view sensitive information (confidentiality) or make limited changes to disclosed information (integrity); however, it is unlikely that both would be impacted simultaneously, and the attacker would not be able to affect availability.
Andi Ahmeti (https://www.linkedin.com/in/andi-ahmeti/) with Permiso Security (https://permiso.io/)