Описание
Microsoft Teams for iOS Spoofing Vulnerability
FAQ
According to the CVSS metric, successful exploitation of this vulnerability could lead to some loss of confidentiality (C:L) and integrity (I:L) but does not impact availability (A:N)? What does that mean for this vulnerability?
The attacker is only able to modify the sender's name of Teams message (I:L) and through social engineering, attempt to trick the recipient into disclosing information (C:L). The availability of the product cannot be affected (A:N).
How do I get the update for Microsoft Teams for iOS?
- Tap the Settings icon
- Tap the** iTunes & App Store**
- Turn on AUTOMATIC DOWNLOADS for Apps
Alternatively
- Tap the** App Store** icon
- Scroll down to find Microsoft Teams
- Tap the Update button
How do I get the update for Teams for Android?
- Tap the Play Store icon on your home screen.
- Tap the circular account icon at the top right of the screen.
- Tap Manage apps & devices.
- Tap Updates available.
- Tap the Update button next to the Microsoft Teams app.
Is there a direct link on the web?
Yes: https://play.google.com/store/apps/details?id=com.microsoft.teams
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft Teams for iOS Spoofing Vulnerability
Уязвимость корпоративной платформы Microsoft Teams операционной системы IOS, позволяющая нарушителю проводить спуфинг-атаки
EPSS
6.5 Medium
CVSS3