Press Release

Tenable Research Finds Severe Flaw in Microsoft Teams that Could Allow Attackers to Impersonate End-User Accounts  

Tenable Research today disclosed a severe vulnerability in the Microsoft Teams chat service. The flaw, discovered by Evan Grant of Tenable’s Zero-Day Research team, could give attackers control over an end-user’s account and enable access to files in their OneDrive storage.

Exploiting the flaw could also allow attackers to impersonate an end-user to obtain confidential information such as internal-only corporate documents, PII, or anything else transmitted via chat, email, or shared through OneDrive or Sharepoint.

According to Microsoft, Teams reached 145 million daily active users in March 2021, roughly a 90% increase in the last twelve months. The growth is largely driven by a surge in remote work, with many enterprises rushing to make cloud-based communication and collaboration as simple as possible.

“This vulnerability could be leveraged by a threat actor in a number of different scenarios including reading team chats, sending emails and messages as if from another trusted user, and even accessing, downloading or tampering with files. While the attacker would need to be an authenticated user in the target organisation, the potential threat to sensitive information and confidential conversations poses a serious business risk,” explains Evan Grant, staff research engineer of Tenable. “We’re all warned to distrust communications from an external source, but vulnerabilities like this reveal the potential threat posed by the platforms, people and teams we trust.”

Microsoft has implemented a solution to this issue and no further action is needed from end-users. In its detailed blog post about the discovery, Tenable Research has also included potential indicators of compromise.

There are also attack simulation videos available here and here.

About Tenable

Tenable® is the Cyber Exposure company. Over 30,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include more than 50 percent of the Fortune 500, more than 30 percent of the Global 2000 and large government agencies. Learn more at

Leave a Response