CVE-2025-53774
Published: 07 August 2025
Summary
CVE-2025-53774 is a medium-severity Command Injection (CWE-77) vulnerability in Microsoft 365 Copilot Chat. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Messaging Applications (T1213.005). It ranks in the top 15.9% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related: it is categorised as Enterprise AI Assistants and falls in the Privacy and Disclosure risk domain.
Deeper analysis
Microsoft 365 Copilot BizChat contains an information disclosure vulnerability tracked as CVE-2025-53774. The flaw is rated 6.5 under CVSS 3.1 with a vector of AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N and is associated with CWE-77, indicating improper neutralization of special elements that can lead to command injection. It affects the BizChat component of Microsoft 365 Copilot and was published on 7 August 2025.
An unauthenticated attacker with network access can exploit the issue without user interaction or credentials. Successful exploitation allows partial disclosure of information along with limited integrity impact on the affected Copilot service.
The official advisory published by Microsoft at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53774 provides remediation guidance. The EPSS score remains flat at 0.0201 with no material increase observed after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-23956
Vulnerability details
Microsoft 365 Copilot BizChat Information Disclosure Vulnerability
- CWE(s): CWE-77
AI Security Analysis
- AI Category: Enterprise AI Assistants
- Risk Domain: Privacy and Disclosure
- OWASP Top 10 for LLMs 2025: None mapped
- Classification Reason: Matched keywords: microsoft 365 copilot
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The information disclosure vulnerability in Microsoft 365 Copilot BizChat enables collection of data from a messaging application, which is why the CVE is mapped to Messaging Applications (T1213.005).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.