CVE-2025-53787

Microsoft · Microsoft Multiple Products

A high-severity vulnerability has been identified in the Microsoft 365 Copilot BizChat feature, which could allow an attacker to access sensitive information.

Executive summary

Successful exploitation could allow a user who is authenticated to the tenant to view confidential company data, such as internal documents and communications, that their own permissions do not grant them. For organizations that have enabled Microsoft 365 Copilot, this represents a significant risk of a data breach.

Vulnerability

This is an information disclosure vulnerability in the Microsoft 365 Copilot BizChat service. Copilot is expected to answer only from content the requesting user is already permitted to read; the flaw is that the service fails to properly enforce those user-level permissions when it processes queries that reference underlying data sources such as SharePoint, OneDrive, and Teams. An authenticated but low-privileged user within the organization's tenant could craft prompts to BizChat that cause it to retrieve and display content from files and conversations the user is not authorized to access. Because the attacker needs a valid tenant account, the population of potential attackers is every user (or compromised account) that has been licensed for Copilot, not the anonymous internet.

Business impact

This vulnerability is rated as High severity with a CVSS score of 8.2, reflecting the significant risk it poses to data confidentiality. Exploitation could lead to the unauthorized access and potential exfiltration of highly sensitive corporate data, including intellectual property, financial records, employee or customer Personally Identifiable Information (PII), and strategic plans. The consequences of such a breach include severe reputational damage, regulatory fines under frameworks like GDPR, loss of competitive advantage, and potential legal action.

Remediation

Immediate Action: Microsoft 365 Copilot is a cloud-hosted service, so the fix for this issue is deployed by Microsoft on the service side rather than as an update that customers install. Confirm in the Microsoft Security Update Guide entry for CVE-2025-53787 whether any customer action is required for your tenant, and apply any related security updates Microsoft lists for on-premises or client components. Security teams should then review audit logs for the Copilot BizChat service for signs of exploitation attempts prior to the fix.

Proactive Monitoring: Review the Microsoft 365 unified audit log, focusing specifically on Copilot interaction records. Look for unusual query patterns, a high volume of interactions from a single user in a short window, and interactions whose referenced resources sit in known sensitive repositories (finance, HR, legal, or executive sites). Configure alerts for users whose Copilot activity touches data outside their typical job function or occurs outside business hours, and treat any case where a user's Copilot results cite content they could not open directly as a potential instance of this vulnerability.
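The review described above, expressed as a triage script over an exported unified audit log. This is an added example for this advisory, not Microsoft code or a Microsoft-supplied detection. The outer record shape (CreationDate, UserIds, RecordType, AuditData) follows what Search-UnifiedAuditLog returns; the field names inside AuditData (CopilotEventData, AppHost, AccessedResources with Name/SiteUrl/Type) are an assumption modelled on CopilotInteraction events and must be checked against your own export. The sample records, the contoso.example users and the site URLs are constructed. The script flags a user for high interaction volume, for references to resources in sensitive sites, and for off-hours use, and it skips malformed or non-Copilot rows instead of aborting the sweep.

```python
"""Triage exported Microsoft 365 unified audit log records for Copilot (BizChat) use."""
import json
from collections import defaultdict
from datetime import datetime, timezone

SENSITIVE_SITES = (  # assumed high-value repositories for this tenant
    "https://contoso.sharepoint.com/sites/Finance",
    "https://contoso.sharepoint.com/sites/HR",
)


def _rec(user, when, resources, record_type="CopilotInteraction", app_host="BizChat"):
    """Build one constructed audit record; AuditData is a JSON string, as the API returns it.
    The CopilotEventData/AccessedResources layout is an assumption, not a documented schema."""
    audit = {
        "Operation": "CopilotInteraction",
        "UserId": user,
        "CreationTime": when,
        "CopilotEventData": {
            "AppHost": app_host,
            "AccessedResources": [
                {"Name": name, "SiteUrl": site, "Type": "File"} for name, site in resources
            ],
        },
    }
    return {"CreationDate": when, "UserIds": user, "RecordType": record_type,
            "AuditData": json.dumps(audit)}


MKT = "https://contoso.sharepoint.com/sites/Marketing"
FIN = "https://contoso.sharepoint.com/sites/Finance"
HR = "https://contoso.sharepoint.com/sites/HR"

# Constructed sample export: two Copilot users, one non-Copilot row, one malformed row.
SAMPLE_RECORDS = [
    _rec("alice@contoso.example", "2025-08-12T09:15:00Z", [("Campaign-brief.docx", MKT)]),
    _rec("alice@contoso.example", "2025-08-12T11:40:00Z", [("Launch-plan.docx", MKT)]),
    _rec("bob@contoso.example", "2025-08-12T02:30:00Z", [("Q3-forecast.xlsx", FIN)]),
    _rec("bob@contoso.example", "2025-08-12T10:02:00Z", [("Campaign-brief.docx", MKT)]),
    _rec("bob@contoso.example", "2025-08-12T10:05:00Z", [("Q3-forecast.xlsx", FIN)]),
    _rec("bob@contoso.example", "2025-08-12T10:07:00Z", [("Board-deck.pptx", FIN)]),
    _rec("bob@contoso.example", "2025-08-12T10:09:00Z", [("Salary-bands.xlsx", HR)]),
    _rec("bob@contoso.example", "2025-08-12T10:11:00Z", []),  # answer with no grounding
    _rec("carol@contoso.example", "2025-08-12T10:20:00Z", [("Budget.xlsx", FIN)],
         record_type="SharePointFileOperation"),  # not a Copilot event; ignored
    {"CreationDate": "2025-08-12T10:30:00Z", "UserIds": "alice@contoso.example",
     "RecordType": "CopilotInteraction", "AuditData": "{not valid json"},
]


def parse_record(raw):
    """Return (user, utc datetime, app_host, [(name, site_url), ...]) or None if unusable."""
    if raw.get("RecordType") != "CopilotInteraction":
        return None
    try:
        audit = json.loads(raw["AuditData"])
    except (KeyError, ValueError):
        return None  # malformed export row: skip rather than crash the sweep
    event = audit.get("CopilotEventData") or {}
    when = datetime.fromisoformat(raw["CreationDate"].replace("Z", "+00:00"))
    when = when.astimezone(timezone.utc)
    resources = [(r.get("Name", ""), r.get("SiteUrl", ""))
                 for r in event.get("AccessedResources", [])]
    return raw["UserIds"], when, event.get("AppHost", ""), resources


def is_off_hours(when, business_hours=(8, 18)):
    """True outside the business-hours window (expressed in UTC) or on a weekend."""
    start, end = business_hours
    return when.weekday() >= 5 or not (start <= when.hour < end)


def is_sensitive(site_url, sensitive_sites=SENSITIVE_SITES):
    """Prefix match on the SharePoint site URL, case-insensitive."""
    return any(site_url.lower().startswith(s.lower()) for s in sensitive_sites)


def triage(records, sensitive_sites=SENSITIVE_SITES, volume_threshold=5, business_hours=(8, 18)):
    """Aggregate Copilot interactions per user; return {user: [reason, ...]} for users to review."""
    stats = defaultdict(lambda: {"count": 0, "sensitive": set(), "off_hours": 0})
    for raw in records:
        parsed = parse_record(raw)
        if parsed is None:
            continue
        user, when, _host, resources = parsed
        s = stats[user]
        s["count"] += 1
        if is_off_hours(when, business_hours):
            s["off_hours"] += 1
        s["sensitive"].update(n for n, site in resources if is_sensitive(site, sensitive_sites))
    findings = {}
    for user, s in stats.items():
        reasons = []
        if s["count"] > volume_threshold:
            reasons.append(f"high_volume:{s['count']}")
        if s["sensitive"]:
            reasons.append("sensitive_site:" + ",".join(sorted(s["sensitive"])))
        if s["off_hours"]:
            reasons.append(f"off_hours:{s['off_hours']}")
        if reasons:
            findings[user] = reasons
    return findings


if __name__ == "__main__":
    for user, reasons in triage(SAMPLE_RECORDS).items():
        print(user, "->", "; ".join(reasons))
```

On the sample data only bob is flagged: six interactions in one day (above the threshold of five), three distinct files in the Finance and HR sites, and one session at 02:30 UTC. A flagged user is a lead, not a verdict: the next step is to compare the cited resources against the user's actual SharePoint permissions, since a resource the user could not open directly is the signature of this vulnerability. Business hours are evaluated in UTC here; adjust the window per region before relying on the off-hours signal.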

Compensating Controls: If the vendor fix cannot be confirmed for your tenant, consider temporarily disabling the BizChat feature for all or a subset of non-essential users via the Microsoft 365 admin center. Independently of this CVE, enforce least privilege on the underlying SharePoint, OneDrive, and Teams data that Copilot can reach: review broadly shared sites and "Everyone except external users" grants, remove stale access, and tighten permissions on sensitive repositories. Copilot can only over-expose what the tenant's permission model makes reachable, so reducing over-permissioned content limits the scope of any disclosure.

Exploitation status

Public Exploit Available: false

Analyst recommendation

This vulnerability presents a significant risk of a confidential data breach and must be addressed with urgency. Given the CVSS score of 8.2 and the direct reach into sensitive business data that Copilot provides, we strongly recommend treating the vendor fix as a top priority: confirm that Microsoft's service-side mitigation is in place for your tenant and deploy any related security updates immediately. Although this vulnerability is not currently listed in the CISA KEV catalog, its potential impact is severe. Organizations should prioritize confirming the fix and implement the recommended monitoring and compensating controls to mitigate the risk of sensitive information disclosure.