CVE-2025-49731
published 2025-07-08CVE-2025-49731: Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
low3.1CVSS 3.1
AVNACHPRLUINSUCLINAN
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_teams_for_android | >= 1.0.0 < 1.0.0.2025112902 | 1.0.0.2025112902 |
| microsoft | microsoft_teams_for_desktop | >= 1.0.0 < 25060212643 | 25060212643 |
| microsoft | microsoft_teams_for_ios | >= 2.0.0 < 7.10.1 (100772025102901) | 7.10.1 (100772025102901) |
| microsoft | teams | < 1.0.0.2025112902 | 1.0.0.2025112902 |
| microsoft | teams | < 7.10.1 | 7.10.1 |
| msrc | microsoft_teams_for_android | — | — |
| msrc | microsoft_teams_for_desktop | — | — |
| msrc | microsoft_teams_for_ios | — | — |