AI description
CVE-2025-32711 is a command injection vulnerability affecting Microsoft 365 Copilot. It allows an unauthorized attacker to disclose information over a network. The vulnerability, dubbed "EchoLeak," is a zero-click AI vulnerability, meaning it can be exploited without any user interaction. The attack involves embedding a malicious prompt payload within markdown-formatted content, such as an email. When the AI system's retrieval-augmented generation (RAG) engine parses this content, the payload silently triggers the LLM to extract and return private information from the user's current context. This could potentially expose sensitive data, including chat histories, OneDrive documents, SharePoint content, and Teams conversations. Microsoft has addressed this vulnerability.
- Description: Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
- Source: secure@microsoft.com
- NVD status: Awaiting Analysis
- CNA Tags: exclusively-hosted-service
CVSS 3.1
- Type: Primary
- Base score: 9.3
- Impact score: 4.7
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
- Severity: CRITICAL
- Source: secure@microsoft.com
- Weakness: CWE-77
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 39
A critical new vulnerability — CVE-2025-32711 (CVSS: 9.3), dubbed EchoLeak — has officially introduced us to a new class of AI threat: the LLM Scope Violation. This is the first known zero-click attack targeting agentic AI systems like Microsoft 365 Copilot, and it changes th
@cytexsmb, 13 Jun 2025 (303 impressions, 1 retweet, 5 likes, 4 bookmarks, 2 replies, 5 quotes)
"EchoLeak" AI attack steals confidential data from Microsoft 365 Copilot (CVE-2025-32711) https://t.co/I4XeLu2kgv #Security #セキュリティ #ニュース
@SecureShield_, 13 Jun 2025 (7 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
Actively exploited CVE : CVE-2025-32711
@transilienceai, 12 Jun 2025 (33 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes)
🚀🔓 Microsoft 365 Copilot: EchoLeak – zero-click AI vuln that leaks your private prompts 🔓🚀 #cyber_security_highligh
@MahRabie, 12 Jun 2025 (53 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes)
CVE-2025-32711: AI-Powered Microsoft 365 Copilot Hit by Zero-Click Flaw #EchoLeak #CVE202532711 #Microsoft365 #CopilotVulnerability #AIsecurity #ZeroClickExploit #CyberSecurity #DataLeak #LLMSecurity #ToolPoisoning https://t.co/OXkgMqJ4se
@cyashadotcom, 12 Jun 2025 (1 impression, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
📌 A new attack technique called EchoLeak, classified as an "AI vulnerability", lets intruders extract sensitive data from Microsoft 365 Copilot without user interaction. This vulnerability has been rated cr
@Cybercachear, 12 Jun 2025 (49 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
🚨 Zero-click AI exploit in Microsoft 365 Copilot (CVE-2025-32711, CVSS 9.3) lets attackers steal sensitive data silently via email—no user interaction needed. Details ↓ https://t.co/Dd8HLr6XAQ Already patched, but shows serious AI security risks ahead.
@TheHackersNews, 12 Jun 2025 (22102 impressions, 84 retweets, 226 likes, 89 bookmarks, 4 replies, 7 quotes)
Zero-click AI data leak vulnerability discovered in Microsoft 365 Copilot (CVE-2025-32711) https://t.co/ueIZoByK0m #Security #セキュリティ #ニュース
@SecureShield_, 12 Jun 2025 (9 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
A zero-click AI data leak, "EchoLeak", has been discovered in Microsoft 365 Copilot. It has been assigned CVE-2025-32711. It plants an invisible prompt injection in a malicious email; when the user asks Copilot a question, RAG pulls it into the LLM prompt
@__kokumoto, 12 Jun 2025 (2171 impressions, 6 retweets, 21 likes, 6 bookmarks, 0 replies, 0 quotes)
Actively exploited CVE : CVE-2025-32711
@transilienceai, 12 Jun 2025 (43 impressions, 0 retweets, 0 likes, 0 bookmarks, 1 reply, 0 quotes)
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot https://t.co/xlouqx6uhv #AIsecurity #Copilot #LLMsecurity #cve #CVE-2025-32711 #cybersecurity #Microsoft365
@NSIguy, 11 Jun 2025 (13 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
Zero-click AI data leak flaw, EchoLeak, exploits Microsoft 365 Copilot’s vulnerabilities, allowing data exfiltration via malicious prompts. Microsoft patched CVE-2025-32711 in May. Highlights risks of LLM Scope Violation 🚨 #DataLeak #Microsoft https://t.co/ZlOjD3ciTT
@TweetThreatNews, 11 Jun 2025 (51 impressions, 0 retweets, 0 likes, 0 bookmarks, 0 replies, 0 quotes)
CVE-2025-32711 Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network. https://t.co/Od61AbXDfh
@CVEnew, 11 Jun 2025 (111 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes)
[CVE-2025-32711: CRITICAL] Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.#cve,CVE-2025-32711,#cybersecurity https://t.co/IJp7WifGXC https://t.co/MD2kYKHqDP
@CveFindCom, 11 Jun 2025 (64 impressions, 0 retweets, 1 like, 0 bookmarks, 0 replies, 0 quotes)