PT-2025-25212 · Microsoft · M365 Copilot

Es7Evam +1 · Published 2025-06-11 · Updated 2026-05-27 · CVE-2025-32711

CVSS v3.1: 9.3 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions: Microsoft 365 Copilot (affected versions not specified)

Description: EchoLeak is a zero-click vulnerability in Microsoft 365 Copilot that allows an unauthorized remote attacker to exfiltrate sensitive organizational data from OneDrive, SharePoint, and Teams without any user interaction. The attack is carried out by sending a specially crafted email containing hidden instructions disguised as legitimate content. When Copilot processes the email, or when the user asks for a summary, the AI incorporates the malicious prompt into its context, causing a scope violation in the RAG (Retrieval-Augmented Generation) engine: untrusted input is mixed with internal data, and secrets can be exfiltrated to attacker-controlled servers. The exploitation chains prompt injection and automatic tool invocation with techniques such as a CSP (Content Security Policy) bypass and ASCII smuggling to evade security policies and defeat cross-prompt injection protections.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Special Elements Injection

Command Injection

Weakness Enumeration

Related Identifiers: BDU:2025-06696, CVE-2025-32711

Affected Products: M365 Copilot