Detections
Analytics

Microsoft Teams for Desktop < 25163.3611.3774.6315 Elevation of Privilege (July 2025)

low Nessus Plugin ID 264898

Language:

Synopsis

Microsoft Teams for Desktop is affected by an elevation of privilege vulnerability.

Description

The version of Microsoft Teams for Desktop on the remote Windows host is prior to 25163.3611.3774.6315 It is, therefore, affected by an elevation of privilege vulnerability:

 - Improper handling of insufficient permissions or privileges in Microsoft Teams allows an authorized attacker to elevate privileges over a network. (CVE-2025-49731)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Microsoft Teams for Desktop version 25163.3611.3774.6315 or later via the Microsoft Store.

See Also

http://www.nessus.org/u?705592ec

Plugin Details

Severity: Low

ID: 264898

File Name: microsoft_teams_for_desktop_25163_3611_3774_6315.nasl

Version: 1.1

Type: local

Agent: windows

Family: Windows

Published: 9/16/2025

Updated: 9/16/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v3

Risk Factor: Low

Base Score: 3.1

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Vulnerability Information

CPE: cpe:/a:microsoft:teams

Required KB Items: SMB/Registry/Enumerated, WMI/Windows App Store/Enumerated

Patch Publication Date: 7/8/2025

Vulnerability Publication Date: 7/8/2025

Reference Information

CVE: CVE-2025-49731

IAVA: 2025-A-0493