Category Archives: Advisories

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. No user interaction is required if the attacker and target are in the same Teams organization.

Advisories

ZDI-22-1609: (Pwn2Own) Microsoft Teams chat Client-Side Template Injection Remote Code Execution Vulnerability

November 21, 2022

Read Time:9 Second

Advisories

ZDI-22-1608: (Pwn2Own) Microsoft Teams URL Allowlist Bypass Remote Code Execution Vulnerability

November 21, 2022

Read Time:11 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Teams. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-22-1607: (Pwn2Own) Microsoft Teams Unnecessary Privileges Privilege Escalation Vulnerability

November 21, 2022

Read Time:10 Second

This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute script within the application window in order to exploit this vulnerability.

Advisories

ZDI-22-1606: (Pwn2Own) Microsoft Teams pluginHost Sandbox Escape Vulnerability

November 21, 2022

Read Time:11 Second

This vulnerability allows remote attackers to escape the sandbox on affected installations of Microsoft Teams. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Advisories

ZDI-22-1605: (Pwn2Own) Microsoft Teams WebView Incorrect Privilege Assignment Remote Code Execution Vulnerability

November 21, 2022

Read Time:12 Second

News, Advisories and much more

Exit mobile version