Microsoft Teams Remote Code Execution Vulnerability
CVE-2023-29330

8.8HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Teams For Desktop; Microsoft Teams For Android; Microsoft Teams For Mac; Microsoft Teams For iOS
Vendor: CVE Published:; 8 August 2023

What is CVE-2023-29330?

A remote code execution vulnerability has been identified in Microsoft Teams, which could allow an attacker to run arbitrary code on the affected system. This vulnerability poses significant security risks as it may enable unauthorized control over user systems. It is critical for organizations using Microsoft Teams to review their security protocols and apply available patches to mitigate potential exploitation.

Affected Version(s)

Microsoft Teams for Android Unknown 1.0.0 < 1.0.0.2023070204

Microsoft Teams for Desktop Unknown 1.0.0 < 1.6.00.18681

Microsoft Teams for iOS Unknown 2.0.0 < 5.12.1

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...

vendor-advisory

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2023
Vulnerability Reserved
Apr 4, 2023