Monday 27 April 2020

#cybersecurity #vulnerability #patch

Last Monday Microsoft fixed a subdomain takeover vulnerability in its collaboration platform MS Teams that let an attacker take over a company's Teams accounts. The attack used a malicious GIF: a victim only had to view it in a chat for the account to be compromised.
The vulnerability was discovered by CyberArk, whose researcher Omer Tsarfati said: "Even if an attacker doesn’t gather much information from a Teams’ account, they could use the account to traverse throughout an organization (just like a worm)".
CyberArk's researchers found that an attacker who had taken over one of the vulnerable subdomains could get hold of a cookie called "authtoken", which grants access to a resource server (api.spaces.skype.com), and use it to create a "skype token". With these tokens the attacker could, through the Teams API, send and read messages, create groups, add users to groups or remove them, and change group permissions.
"The victim will never know that they've been attacked, making the exploitation of this vulnerability stealthy and dangerous," the researchers said.
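The root cause behind the takeover is worth seeing in code: a cookie scoped to a parent domain is attached to every request for any of its subdomains, so an image whose src points at a subdomain the attacker controls carries the cookie to the attacker. The script below is an added example, not code from CyberArk or Microsoft. It uses only the Python standard library, never touches the network, and the cookie names, values, the Domain attribute and the subdomain it "takes over" are constructed for illustration. It shows the weak setting (a Domain attribute covering the whole domain tree) beside the hardened one (a host-only cookie with no Domain attribute):

```python
"""Why a domain-scoped cookie leaks to a taken-over subdomain.

Added example, not CyberArk's or Microsoft's code. Cookie names, values,
attributes and the hostnames are assumptions chosen to mirror the write-up.
Only the standard library is used and nothing touches the network.
"""
import email.message
import http.cookiejar
import urllib.request


class _StubResponse:
    """Minimal stand-in for an HTTP response: just what CookieJar needs."""

    def __init__(self, set_cookie_headers):
        self._msg = email.message.Message()
        for value in set_cookie_headers:
            self._msg["Set-Cookie"] = value

    def info(self):
        return self._msg


def browser_like_jar():
    """A CookieJar whose policy treats host-only cookies the way browsers do.

    The default policy is liberal and would send a host-only cookie to
    subdomains as well, which browsers do not do.
    """
    strict = http.cookiejar.DefaultCookiePolicy.DomainStrictNonDomain
    policy = http.cookiejar.DefaultCookiePolicy(strict_ns_domain=strict)
    return http.cookiejar.CookieJar(policy)


def store_cookies(jar, origin_url, set_cookie_headers):
    """Store cookies as if origin_url had answered with these Set-Cookie headers."""
    request = urllib.request.Request(origin_url)
    jar.extract_cookies(_StubResponse(set_cookie_headers), request)


def cookies_sent_to(jar, url):
    """Names of the cookies the jar would attach to a request for url."""
    request = urllib.request.Request(url)
    jar.add_cookie_header(request)
    header = request.get_header("Cookie", "")
    return sorted(part.split("=", 1)[0] for part in header.split("; ") if part)


def demo():
    jar = browser_like_jar()
    # Constructed Set-Cookie headers. The weak cookie carries
    # Domain=teams.microsoft.com, so it is scoped to the whole domain tree;
    # the hardened one omits Domain and is therefore host-only.
    # HttpOnly does not help here: an <img> fetch sends cookies without any
    # script ever reading them.
    store_cookies(jar, "https://teams.microsoft.com/", [
        "authtoken=leaky; Domain=teams.microsoft.com; Path=/; Secure; HttpOnly",
        "hostonly_token=safe; Path=/; Secure; HttpOnly",
    ])
    # Hypothetical GIF hosted on a dangling subdomain an attacker has claimed.
    gif_on_takeover = "https://takeover-example.teams.microsoft.com/x.gif"
    return {
        "legit": cookies_sent_to(jar, "https://teams.microsoft.com/"),
        "takeover": cookies_sent_to(jar, gif_on_takeover),
        "unrelated": cookies_sent_to(jar, "https://teams.example.net/"),
    }


if __name__ == "__main__":
    for target, names in demo().items():
        print(f"{target:>9}: {names}")
```

The "takeover" request receives the domain-scoped authtoken but not the host-only cookie, which is exactly the difference between a subdomain takeover that steals sessions and one that only serves a stray image. The practical checks that follow from this are to keep session cookies host-only (or use the `__Host-` prefix, which browsers enforce but this stdlib jar does not) and to audit DNS for dangling records pointing at resources nobody owns any more.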
