Microsoft Teams for iOS Spoofing Vulnerability
CVE-2024-38197

6.5MEDIUM

Key Information:

Vendor

Microsoft
Status
Microsoft Teams For iOS
Vendor
CVE Published:
13 August 2024

Badges

đź“° News Worthy

What is CVE-2024-38197?

A spoofing vulnerability has been identified in Microsoft Teams for iOS, posing a significant risk to user identity and information security. This vulnerability allows an attacker to impersonate legitimate users within the application, potentially leading to unauthorized access to sensitive data and user trust issues. Users of Microsoft Teams for iOS should be aware of the implications of this vulnerability and take necessary precautions to safeguard their accounts and data, as the impact of successful exploitation can lead to serious security breaches.

Affected Version(s)

Microsoft Teams for iOS Unknown 2.0.0 < 7.13.0

News Articles

favicon imageThe Hacker News

Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Four Microsoft Teams flaws let attackers impersonate coworkers and manipulate chats before patches.

3 weeks ago

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE...
vendor-advisory

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • đź“°

    First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

JSON
.