Advanced

CVE-2025-32711: Microsoft 365 Copilot EchoLeak Zero-Click AI Vulnerability

EchoLeak (CVE-2025-32711) demonstrates a new class of vulnerability unique to AI assistants deeply integrated with organizational data: indirect prompt injection combined with a scope-val...

CVE-2025-32711, publicly nicknamed EchoLeak, is a zero-click, LLM scope-validation vulnerability affecting Microsoft 365 Copilot. It is officially classified by Microsoft as an Information Disclosure vulnerability and cataloged under CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection').

Because Copilot is deeply integrated with Microsoft 365 data sources (SharePoint, OneDrive, Outlook, and Teams), any of this tainted content can end up being read, indexed, and summarized by Copilot as part of its normal operation. If Copilot processes poisoned content without properly validating the origin/scope of the instructions inside it, it can be tricked into following those hidden instructions and disclosing sensitive information in its responses — all without the victim ever clicking a malicious link or knowingly interacting with the malicious content. This is why the vulnerability is described as zero-click.

Microsoft assigned this vulnerability a CVSS score of 9.3 (Critical), reflecting the severity of unauthenticated, no-interaction, network-based information disclosure against an AI assistant with broad access to organizational data.

Sign in to read this course

A free account unlocks all 514 courses. 20 are readable without one.

What's inside

3 sections
  1. 1 Table of Contents
  2. 2 Module 1: CVE-2025-32711 Microsoft 365 Copilot EchoLeak Zero-Click AI Vulnerability
  3. 3 Summary

More Vulnerability Briefings courses

View all 30

Interested in this course?

Contact us to book it or get a custom training plan for your team.