Cyber Resilience

CVE-2025-53787

Severity: High · RCE

Published: 07 August 2025
Modified: 14 August 2025
KEV Added: not listed
Patch: see the MSRC advisory for availability
CVSS v3.1 base score: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
EPSS score: 0.0279 (86.4th percentile)
Risk Priority: 18 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-53787 is a high-severity vulnerability in Microsoft 365 Copilot Chat, classified as CWE-77 (Command Injection) and titled by Microsoft as an information disclosure vulnerability. Its CVSS v3.1 base score is 8.2 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique T1213.005 (Messaging Applications). Its EPSS score places it in the top 13.6% of CVEs by exploit likelihood, but it is not currently listed in the CISA KEV catalog.

The vulnerability is AI-related: it is categorised under Enterprise AI Assistants, in the Privacy and Disclosure risk domain.

The strongest mitigations identified by the analysis are NIST SP 800-53 AU-13 (Monitoring for Information Disclosure) and SI-10 (Information Input Validation).

Deeper analysis

Microsoft 365 Copilot BizChat contains an information disclosure vulnerability tracked as CVE-2025-53787 and assigned CWE-77. The flaw affects the BizChat component of Microsoft 365 Copilot and carries a CVSS v3.1 base score of 8.2: network attack vector, low attack complexity, no privileges or user interaction required, unchanged scope, high confidentiality impact, low integrity impact and no availability impact.

An unauthenticated remote attacker can exploit the issue over the network to obtain sensitive information from the affected Copilot instance and to make limited integrity changes. Because neither authentication nor user interaction is required, the attack can be launched directly against exposed endpoints.

The official Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53787 provides mitigation guidance and patch availability details for affected Microsoft 365 Copilot deployments. The EPSS score is low in absolute terms (0.0279, although that places it in the 86.4th percentile) and has not increased since disclosure.

Vulnerability details

Microsoft 365 Copilot BizChat Information Disclosure Vulnerability

CWE(s): CWE-77 (Improper Neutralization of Special Elements used in a Command, 'Command Injection')

AI Security Analysis [AI]

AI Category: Enterprise AI Assistants
Risk Domain: Privacy and Disclosure
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Matched keywords: microsoft 365 copilot

Related Threats

MITRE ATT&CK Enterprise Techniques [AI]

T1213.005 Messaging Applications (Collection)
Adversaries may leverage chat and messaging applications, such as Microsoft Teams, Google Chat, and Slack, to mine valuable information.
Why these techniques?

The information disclosure vulnerability in Microsoft 365 Copilot BizChat enables unauthorized collection of data from messaging applications, such as business chat content, which is exactly what this technique targets.

CVEs Like This One

CVE-2025-59272 (same product: Microsoft 365 Copilot Chat)
CVE-2025-59286 (same product: Microsoft 365 Copilot Chat)
CVE-2026-26164 (same product: Microsoft 365 Copilot Chat)
CVE-2026-26129 (same product: Microsoft 365 Copilot Chat)
CVE-2026-26137 (same product: Microsoft 365 Copilot Chat)
CVE-2026-21518 (same vendor: Microsoft)
CVE-2026-21516 (same vendor: Microsoft)
CVE-2026-21257 (same vendor: Microsoft)
CVE-2026-21520 (same vendor: Microsoft)
CVE-2026-26136 (same vendor: Microsoft)

Affected Assets

Vendor: Microsoft
Product: 365 Copilot Chat
Versions: all versions

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) [AI]

Prevent: SI-2 (Flaw Remediation). Requires timely remediation of identified flaws such as CVE-2025-53787 through patching as advised by Microsoft, directly preventing exploitation.

Prevent: SI-10 (Information Input Validation). Implements input validation mechanisms that neutralize special elements, directly countering the CWE-77 improper neutralization behind the information disclosure.

Detect: AU-13 (Monitoring for Information Disclosure). Monitors for unauthorized disclosure of sensitive data, enabling detection of exploitation attempts against Microsoft 365 Copilot BizChat.

References

Microsoft Security Response Center advisory for CVE-2025-53787: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53787