Jul 2025: Microsoft Teams Elevation of Privilege Vulnerability
CVE-2025-49731 Published on July 8, 2025
Microsoft Teams Elevation of Privilege Vulnerability
Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network.
Weakness Type
Improper Handling of Insufficient Permissions or Privileges
The application does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the application in an invalid state.
Products Associated with CVE-2025-49731
Want to know whenever a new CVE is published for Microsoft Teams? stack.watch will email you.
Affected Versions
Microsoft Teams for Android:- Version 1.0.0 and below 1.0.0.2025112902 is affected.
- Version 1.0.0 and below 25060212643 is affected.
- Version 2.0.0 and below 7.10.1 (100772025102901) is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.