Description
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Microsoft Teams for Android1.0.0 – 1.0.0.2025112902
- Microsoft / Microsoft Teams for Desktop1.0.0 – 25060212643
- Microsoft / Microsoft Teams for iOS2.0.0 – 7.10.1 (100772025102901)