Microsoft Teams: Remote Code Execution (RCE) vulnerability

TeamsA little note about security on Microsoft Teams. Two security researchers @adm1nkyj1 and @jinmo123 participated in pwn2own 2022 in Vancouver. There they tried to hack Microsoft Teams, but failed due to time allocation. Both discovered a bug that allowed an exploit. The deeplink handler for /l/task/:appId in Microsoft Teams can load an arbitrary url in Webview/iframe. Attackers can exploit this using Teams' RPC functionality to execute code outside the sandbox. The security researchers have shared the details in this blog post. Thanks to Jan R. for pointing this out.


Advertising

This entry was posted in Security, Software and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).