Cyber Posture

CVE-2026-24307

Critical

Published: 22 January 2026
Modified: 12 February 2026
KEV Added: (not listed)
Patch: available (see the MSRC update guide)
CVSS Score: 9.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N)
EPSS Score: 0.0013 (31.7th percentile)
Risk Priority: 19 (weighting: 60% EPSS, 20% KEV, 20% CVSS)

Description

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Mitigating Controls (NIST 800-53 r5) (AI-generated)

prevent: Timely application of vendor patches and updates directly remediates the improper input validation flaw in M365 Copilot as detailed in the MSRC guide.

prevent: Enforces organization-defined input validation at interfaces to prevent exploitation of improper type validation in user-supplied prompts or files to Copilot.

prevent: Receiving and implementing security alerts and directives from Microsoft ensures prompt awareness and action on mitigations for this critical CVE.

Security Summary (AI-generated)

CVE-2026-24307 is an improper validation of specified type of input vulnerability, classified under CWE-1287, affecting Microsoft 365 Copilot. Published on 2026-01-22, it carries a CVSS v3.1 base score of 9.3 (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N), which places it in the critical range: it is reachable over the network, has low attack complexity, requires no privileges (though it does require user interaction), and can have a high impact on confidentiality and integrity across a changed scope.

An unauthorized attacker can exploit this vulnerability remotely over the network by tricking a user into interacting with malicious input, such as through a crafted prompt or file. Successful exploitation enables the attacker to disclose sensitive information and potentially manipulate data integrity, though it does not impact availability.

Microsoft's Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24307 details the vulnerability, including recommended mitigations and available patches.

Details

CWE(s): CWE-1287 (Improper Validation of Specified Type of Input)

Affected Products: Microsoft 365 Copilot, all versions

AI Security Analysis (AI-generated)

AI Category: Enterprise AI Assistants
Risk Domain: N/A
OWASP Top 10 for LLMs 2025: None mapped
MITRE ATLAS Techniques: None mapped
Classification Reason: Matched keywords: copilot

MITRE ATT&CK Enterprise Techniques (AI-generated)

T1213.002 Sharepoint (Collection): Adversaries may leverage the SharePoint repository as a source to mine valuable information.
T1114.002 Remote Email Collection (Collection): Adversaries may target an Exchange server, Office 365, or Google Workspace to collect sensitive information.
T1565.001 Stored Data Manipulation (Impact): Adversaries may insert, delete, or manipulate data at rest in order to influence external outcomes or hide activity, thus threatening the integrity of the data.
T1566.001 Spearphishing Attachment (Initial Access): Adversaries may send spearphishing emails with a malicious attachment in an attempt to gain access to victim systems.
Why these techniques?

The improper input validation in Microsoft 365 Copilot enables crafted prompts/files (delivered via spearphishing attachment/link) to disclose sensitive M365 data like SharePoint content and remote emails, and manipulate stored data integrity.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0
