Cyber Posture

CVE-2025-53787

Severity: High | Type: RCE

Published: 07 August 2025
Modified: 14 August 2025
KEV Added: not listed
Patch: see the MSRC advisory linked below
CVSS Score: 8.2 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)
EPSS Score: 0.0119 (78.9th percentile)
Risk Priority: 17 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-53787 is a high-severity Command Injection (CWE-77) vulnerability in Microsoft 365 Copilot Chat. Its CVSS base score is 8.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Messaging Applications (T1213.005). The CVE is ranked in the top 21.1% of CVEs by exploit likelihood, and it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related: it is categorised as Enterprise AI Assistants, within the Privacy and Disclosure risk domain.

The strongest mitigations our analysis identified are NIST 800-53 AU-13 (Monitoring for Information Disclosure) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Messaging Applications (T1213.005). What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5) (AI-generated)

- prevent: Requires timely remediation of identified flaws like CVE-2025-53787 through patching as advised by Microsoft, directly preventing exploitation.
- prevent (SI-10, Information Input Validation): Implements input validation mechanisms to neutralize special elements, directly countering the CWE-77 improper neutralization causing the information disclosure.
- detect (AU-13, Monitoring for Information Disclosure): Monitors for unauthorized disclosure of sensitive data, enabling detection of exploitation attempts in Microsoft 365 Copilot BizChat.

MITRE ATT&CK Enterprise Techniques (AI-generated)

- T1213.005 Messaging Applications (tactic: Collection): Adversaries may leverage chat and messaging applications, such as Microsoft Teams, Google Chat, and Slack, to mine valuable information.

Why these techniques?

The information disclosure vulnerability in Microsoft 365 Copilot BizChat facilitates unauthorized collection of data from messaging applications, such as business chat data.

NVD Description

Microsoft 365 Copilot BizChat Information Disclosure Vulnerability

Deeper analysis (AI-generated)

CVE-2025-53787 is an information disclosure vulnerability in Microsoft 365 Copilot BizChat. Published on 2025-08-07, it carries a CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N) and maps to CWE-77, indicating improper neutralization of special elements, likely leading to disclosure of sensitive data.

Unauthenticated attackers can exploit this vulnerability over the network with low complexity and no user interaction required. Successful exploitation enables high-impact confidentiality loss, such as access to sensitive information, alongside low-impact integrity modifications, without affecting availability.

The Microsoft Security Response Center advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53787 provides details on patches and mitigation steps. Security practitioners should consult this resource for deployment guidance.

Details

CWE(s): CWE-77 (Command Injection)

Affected Products: Microsoft 365 Copilot Chat, all versions

AI Security Analysis (AI-generated)

AI Category: Enterprise AI Assistants
Risk Domain: Privacy and Disclosure
OWASP Top 10 for LLMs 2025: None mapped
Classification Reason: Microsoft 365 Copilot is an enterprise AI assistant integrated into Microsoft 365 for business productivity, and BizChat is a specific chat feature within it, making this vulnerability directly related to enterprise AI assistants.

CVEs Like This One

- CVE-2025-59272 (same product: Microsoft 365 Copilot Chat)
- CVE-2025-59286 (same product: Microsoft 365 Copilot Chat)
- CVE-2026-26129 (same product: Microsoft 365 Copilot Chat)
- CVE-2026-26164 (same product: Microsoft 365 Copilot Chat)
- CVE-2026-26137 (same product: Microsoft 365 Copilot Chat)
- CVE-2026-26136 (same vendor: Microsoft)
- CVE-2026-26133 (same vendor: Microsoft)
- CVE-2026-21518 (same vendor: Microsoft)
- CVE-2026-21257 (same vendor: Microsoft)
- CVE-2026-21516 (same vendor: Microsoft)

References

- Microsoft Security Response Center advisory: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53787