Multiple Microsoft 365 Copilot Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-53787 CVSS:8.2

Microsoft 365 Copilot Business Chat could allow a remote attacker to obtain sensitive information, caused by a command injection vulnerability.

CVE-2025-53774 CVSS:6.5

Microsoft 365 Copilot Business Chat could allow a remote attacker to obtain sensitive information, caused by a command injection vulnerability.

Impact

Information Disclosure

Indicators of Compromise

CVE

CVE-2025-53787
CVE-2025-53774

Affected Vendors

Microsoft

Affected Products

Microsoft 365 Copilot Business Chat

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2025-53787

CVE-2025-53774

Earth Preta aka Mustang Panda APT Group – Active IOCs

The Role of Artificial Intelligence in Automated Incident Response

Multiple Microsoft 365 Copilot Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan