CVE-2025-32711

Published Jun 11, 2025

Last updated 20 days ago

CVSS critical 9.3
Microsoft 365 Copilot

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-32711 is a command injection vulnerability affecting Microsoft 365 Copilot. It allows an unauthorized attacker to disclose information over a network. The vulnerability, dubbed "EchoLeak," is a zero-click AI vulnerability, meaning it can be exploited without any user interaction. The attack embeds a malicious prompt payload in markdown-formatted content, such as an email. When the AI system's retrieval-augmented generation (RAG) engine parses that content, the payload silently instructs the LLM to extract and return private information from the user's current context. This could expose sensitive data, including chat histories, OneDrive documents, SharePoint content, and Teams conversations. Microsoft has addressed this vulnerability.

Description
Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Source
secure@microsoft.com
NVD status
Analyzed
CNA Tags
exclusively-hosted-service

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

secure@microsoft.com
CWE-77 (Improper Neutralization of Special Elements used in a Command ('Command Injection'))

Social media

Hype score
Not currently trending
  1. EchoLeak: The first zero-click attack on Microsoft Copilot is real (CVE-2025-32711). No click, no link – just an email in the inbox. Copilot leaks internal data to attacker URLs. AI is just doing its job – but in the wrong system. Patch already rolled out. https://t.c

    @NikoStapels

    16 Jul 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Extremely important .. please pay attention 😱 The CVE-2025-32711 vulnerability that appeared last week is a critical security vulnerability in artificial intelligence; honestly, it is frightening and counts as a precedent in the history of attacks on

    @JQCYBER

    11 Jul 2025

    378 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    1 Reply

    0 Quotes

  3. 🚨 #CVE-2025-32711 (EchoLeak): The Zero-Click #AI Prompt Injection Threat https://t.co/WzJIrm3kdd Educational Purposes!

    @UndercodeUpdate

    10 Jul 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 #Echoleak (CVE-2025-32711) is more than a vulnerability—it’s a warning. Prompt-level security alone can’t stop indirect injections or protect sensitive data. You need layers: secure data early, control AI retrieval, and monitor all AI events. Read more: https://t.co/Yw

    @SecuritiAI

    2 Jul 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-32711 - Microsoft - M365 Copilot Information Disclosure Vulnerability via Prompt Injection https://t.co/niqadQpzfz

    @puneetx

    2 Jul 2025

    75 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Top 5 Trending CVEs: 1 - CVE-2025-32711 2 - CVE-2024-51978 3 - CVE-2025-6430 4 - CVE-2025-32433 5 - CVE-2020-9547 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W

    @CVEShield

    29 Jun 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. You’ve probably seen EchoLeak (CVE-2025-32711) making the rounds. But if you build or secure AI-powered features, don’t just scroll past it. This was a zero-click, full-chain exploit against Copilot — and a case study in why traditional AppSec isn’t enough for LLMs. Dive

    @CheckmarxZero

    26 Jun 2025

    105 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  8. A critical zero-click flaw named EchoLeak (CVE-2025-32711, CVSS 9.3) in Microsoft 365 Copilot allowed attackers to silently steal sensitive data using malicious prompts hidden in emails or documents. No clicks needed—Copilot’s AI mixed the attacker’s input with internal dat

    @smart_c_intel

    20 Jun 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  9. Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction EchoLeak (CVE-2025-32711) is a zero-click AI flaw in M365 Copilot that let attackers steal data without user action—now patched by Microsoft. #CyberSecurity Read More: https://t.co/DgPfCXH2

    @pinakinit1

    19 Jun 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. 🤯 A zero-click flaw 'EchoLeak' (CVE-2025-32711) found by Aim Security in MS 365 Copilot meant data theft with no user action! Microsoft patched it. Timely updates & strong security are vital. 🔐 #Cybersecurity https://t.co/iSLkzGU8EV

    @dztaltraveller

    18 Jun 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 1 email, 0 clicks, infinite leaks Microsoft copilot got exploited with a prompt injection to exfiltrate sensitive data (CVE-2025-32711). - Attacker sends an email with malicious instructions - Copilot performs RAG on it - GG prompt instructions Sanitize your inputs!

    @_colemurray

    16 Jun 2025

    902 Impressions

    1 Retweet

    12 Likes

    1 Bookmark

    1 Reply

    0 Quotes

  12. CVE-2025-32711 - Indirect Prompt Injection - Copilot AI Attack technique: Echoleak (echo - give back infos + leak) **zero-click**

    @ghostbugste

    16 Jun 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. A Microsoft 365 Copilot vulnerability that allows an AI-abuse attack "just by sending an email". Urgently fixed - PC Watch https://t.co/icxdcV7Q8E ・Critical zero-click AI vulnerability ・EchoLeak discovered ・CVE-2025-32711 ・Fixed by Microsoft

    @level01K

    15 Jun 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email—no user interaction needed.

    @StreetWalker212

    15 Jun 2025

    84 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. This should be widely recognized as a new threat... --- Zero-click vulnerability that leaks AI data discovered in Microsoft 365 Copilot: CVE-2025-32711 https://t.co/dEUlRPOxiH

    @done_vrc

    15 Jun 2025

    73 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  16. The EchoLeak (CVE-2025-32711) matter is a real headache...

    @hisao8000

    14 Jun 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. A critical new vulnerability — CVE-2025-32711 (CVSS: 9.3), dubbed EchoLeak — has officially introduced us to a new class of AI threat: the LLM Scope Violation. This is the first known zero-click attack targeting agentic AI systems like Microsoft 365 Copilot, and it changes th

    @cytexsmb

    13 Jun 2025

    386 Impressions

    1 Retweet

    5 Likes

    4 Bookmarks

    2 Replies

    4 Quotes

  18. Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction. The critical-rated vulnerability has been assigned the CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already addressed by Microsoft. https://t.co/rbrMEXKgaY h

    @riskigy

    13 Jun 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. CVE-2025-32711 : Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction https://t.co/nkIkqS4ls7 https://t.co/RlXkxxvtpO

    @freedomhack101

    13 Jun 2025

    72 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  20. Actively exploited CVE : CVE-2025-32711

    @transilienceai

    13 Jun 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  21. The first "zero-click attack (EchoLeak)" in AI history has occurred in Microsoft Copilot. It starts from receiving an email, but merely receiving one can expose you to the attack, and detection is difficult. It has been fixed, but what kind of att

    @kumahiyo_fac

    13 Jun 2025

    110 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    1 Quote

  22. "EchoLeak" AI attack steals confidential data from Microsoft 365 Copilot (CVE-2025-32711) https://t.co/I4XeLu2kgv #Security #セキュリティ #ニュース

    @SecureShield_

    13 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. Actively exploited CVE : CVE-2025-32711

    @transilienceai

    12 Jun 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  24. 🚀🔓 Microsoft 365 Copilot: EchoLeak – zero-click AI vuln that leaks your private prompts 🔓🚀 #cyber_security_highligh

    @MahRabie

    12 Jun 2025

    53 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  25. CVE-2025-32711: AI-Powered Microsoft 365 Copilot Hit by Zero-Click Flaw #EchoLeak #CVE202532711 #Microsoft365 #CopilotVulnerability #AIsecurity #ZeroClickExploit #CyberSecurity #DataLeak #LLMSecurity #ToolPoisoning https://t.co/OXkgMqJ4se

    @cyashadotcom

    12 Jun 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. 📌 A new attack technique called EchoLeak, classified as an "AI vulnerability", allows intruders to extract sensitive data from Microsoft 365 Copilot without user interaction. This vulnerability has been rated cri

    @Cybercachear

    12 Jun 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 🚨 Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email—no user interaction needed. Details ↓ https://t.co/Dd8HLr6XAQ Already patched, but shows serious AI security risks ahead.

    @TheHackersNews

    12 Jun 2025

    22102 Impressions

    84 Retweets

    226 Likes

    89 Bookmarks

    4 Replies

    7 Quotes

  28. Zero-click AI data leak vulnerability discovered in Microsoft 365 Copilot (CVE-2025-32711) https://t.co/ueIZoByK0m #Security #セキュリティ #ニュース

    @SecureShield_

    12 Jun 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. A zero-click AI data leak, "EchoLeak", was discovered in Microsoft 365 Copilot. Assigned CVE-2025-32711. It plants a prompt injection that is not visible in a malicious email. When the user asks Copilot a question, it is pulled into the LLM prompt via RAG and

    @__kokumoto

    12 Jun 2025

    2171 Impressions

    6 Retweets

    21 Likes

    6 Bookmarks

    0 Replies

    0 Quotes

  30. Actively exploited CVE : CVE-2025-32711

    @transilienceai

    12 Jun 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  31. Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot https://t.co/xlouqx6uhv #AIsecurity #Copilot #LLMsecurity #cve #CVE-2025-32711 #cybersecurity #Microsoft365

    @NSIguy

    11 Jun 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. Zero-click AI data leak flaw, EchoLeak, exploits Microsoft 365 Copilot’s vulnerabilities, allowing data exfiltration via malicious prompts. Microsoft patched CVE-2025-32711 in May. Highlights risks of LLM Scope Violation 🚨 #DataLeak #Microsoft https://t.co/ZlOjD3ciTT

    @TweetThreatNews

    11 Jun 2025

    51 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. CVE-2025-32711 Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. https://t.co/Od61AbXDfh

    @CVEnew

    11 Jun 2025

    111 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  34. [CVE-2025-32711: CRITICAL] Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.#cve,CVE-2025-32711,#cybersecurity https://t.co/IJp7WifGXC https://t.co/MD2kYKHqDP

    @CveFindCom

    11 Jun 2025

    64 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes
