—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Information Disclosure Vulnerability in Microsoft Teams

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Microsoft Teams

Overview

A vulnerability has been reported in Microsoft Teams, which could be exploited by an attacker to disclose sensitive information.

Target Audience:

Organizations and enterprises using Microsoft Teams for internal communication and collaboration.

Risk Assessment:

High risk of unauthorized access to meetings, chats, and shared files if misconfigured or improperly secured.

Impact Assessment:

Potential exposure of sensitive business information and data leakage.

Description

Microsoft Teams is a cloud-based collaboration platform integrated with Microsoft 365 that enables messaging, meetings, calling, and file sharing.

This vulnerability exists in Microsoft Teams due to Improper Access Control. Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information over a network.

Solution

Apply appropriate updates as mentioned:

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21535

Vendor Information

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21535

References

Microsoft

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21535

CVE Name

CVE-2026-21535

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmfE40ACgkQ3jCgcSdc

ys8v8Q/9FwSONY7E0vxJuTJcmB3hJMlm9EsufakBM594us4u9vN83ux1zE4NUrMF

tgvm3C6poNzHR0idBb4kio+pWUhxELdrWY4uHBlk6LqvqIfSh+xJxvr/eVOity2d

P/QxI9cOPVwgMX9lG/rEb0BtThX91lbuugeouJDgYZ6yvrKo5iGZHRk2jid4bfFR

oa5IDJ3wot4VfBgPxYyfwMmJRxAG8/2Hbis+qFB/8kmM9wE50CbELQySFg5lf8h2

8cMY81ElWEW5OdsHGcpPYoJE1RkxgzPYgtZ33vKt0CtEi2lsBeOPyarZk4/1tEMF

1wBDpDxnqRdjEmnx3+QQzPHALQBQZGUXKn1q6zAzDBm5n5IbjJfcyRu9MBm3bS38

llQHMCBSB4kptiMtwf+J8T+2SuciJN/x/qBEjSDf5Z2iqyEZs/Uo0K03DPcSozsR

h5sBizrHLfZfTnxULL+sc4bJWz2Xm9AhmbRhFfeMe3378a098+XtTnQiByPLC7yB

hN7FAidCsh1OMUbiVoSydZSIsWm7ekMUGo3ynyfr0we+cnjD7arwAJQM44wfvM1M

S8Yy0Rig7/noqc/Wk3Wse4+E0/BePu5ddJ9zKXADIQsjVOdClMV94+FLeCfUmC9C

N+TCTaIBctdofWJvk3MAUP6H6sE3DxAT2Sr+4OtWw/4kSDhIrmI=

=ZPpI

—–END PGP SIGNATURE—–