CVE-2025-32711

EUVD-2025-18114 | CRITICAL | Published 2025-06-11 | CVSS 3.1 base score 9.3

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline (4 events)

EUVD ID Assigned: Mar 14, 2026 - 21:09 (euvd) - EUVD-2025-18114
Analysis Generated: Mar 14, 2026 - 21:09 (vuln.today)
PoC Detected: Feb 20, 2026 - 17:25 (vuln.today) - public exploit code
CVE Published: Jun 11, 2025 - 14:15 (nvd) - CRITICAL 9.3

Description

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Analysis

CVE-2025-32711 is an AI command injection vulnerability in Microsoft 365 Copilot that enables unauthenticated, network-based attacks to disclose sensitive information without any user interaction. The vulnerability affects M365 Copilot deployments and allows attackers to inject malicious commands that bypass normal authorization controls. With a critical CVSS score of 9.3 and no authentication requirement, it poses an immediate risk to organizations using Copilot features; exploitation status and PoC availability should be confirmed against Microsoft security advisories.

Technical Context

This vulnerability stems from improper input validation in the AI command processing pipeline of Microsoft 365 Copilot, classified under CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, "Injection"). The root cause is insufficient sanitization of user-supplied input before it is processed by the Copilot AI inference engine. The attack targets the natural language interface through which Copilot interprets user commands: specially formed prompts escape the intended command boundaries and cause the service to perform unintended operations. The vulnerability most likely affects the cloud-hosted M365 Copilot service (potential CPE references: cpe:2.7:a:microsoft:365_copilot:*:*:*:*:*:*:*:* or related M365 enterprise components) and impacts confidentiality through information disclosure pathways.

Affected Products

Microsoft 365 Copilot (all versions prior to the patch release). Potentially affected components: the M365 Copilot service (web and client applications) and organizations with Copilot Pro or enterprise Copilot enabled. CPE likely includes cpe:2.7:a:microsoft:365_copilot and related variants. Affected versions: to be confirmed from the Microsoft security advisory; typically all versions prior to the security update release. Configuration: all deployments with Copilot AI inference enabled are affected. Consult the Microsoft Security Update Guide and official M365 security advisories for definitive version mapping and patch availability.

Remediation

Immediate actions:

(1) Apply security updates from Microsoft as released; monitor the Microsoft Security Update Guide and M365 Copilot security advisories for patch version numbers.
(2) For unpatched environments, consider temporarily disabling Copilot features, if feasible, until patches are available.
(3) Implement network-based controls to restrict Copilot API endpoints to authorized internal traffic only.
(4) Enable enhanced logging and monitoring of Copilot command execution to detect injection attempts.
(5) Review the M365 admin center for audit logs related to Copilot usage anomalies.

Workarounds (pending patch): restrict Copilot access to specific user groups, disable Copilot in sensitive data contexts, and implement additional input validation at the application layer.

Links: await the Microsoft Security Response Center (MSRC) advisory at https://msrc.microsoft.com/ and M365 Admin Center security alerts.

Priority Score

Score: 50 (scale: Low / Medium / High / Critical)
Components: KEV: 0; EPSS: +3.4; CVSS: +46; POC: +20

CVE-2025-32711 vulnerability details – vuln.today