CVE-2025-53783

HIGH

Microsoft Teams - Remote Code Execution via Heap-based Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-53783. PoCs published by ksgassama-lab.

AI-analyzed exploit summary This repository documents a vulnerability management workflow for CVE-2025-53783, a heap-based buffer overflow in Microsoft Teams. It includes detection, verification, and remediation steps using PowerShell and `winget` but does not contain exploit code.

Description

Heap-based buffer overflow in Microsoft Teams allows an unauthorized attacker to execute code over a network.

Exploits (1)

nomisec WRITEUP

by ksgassama-lab · poc

https://github.com/ksgassama-lab/MSTeams---Vulnerability---Remediation

View Code ZIP pw:eip

This repository documents a vulnerability management workflow for CVE-2025-53783, a heap-based buffer overflow in Microsoft Teams. It includes detection, verification, and remediation steps using PowerShell and `winget` but does not contain exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Microsoft Teams (versions prior to 25122.1415.3698.6812)

No auth needed

Prerequisites: Outdated Microsoft Teams installation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory patch

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53783

Scores

CVSS v3 7.5

EPSS 0.0076

EPSS Percentile 50.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-122

Status published

Products (8)

microsoft/dynamics_365_guides < 907.2505.29001.0

microsoft/dynamics_365_remote_assist < 316.2505.28001

microsoft/teams < 1.0.0.2025102802

microsoft/teams < 25122.1207.3700.1444

microsoft/teams < 25122.1415.3698.6812

microsoft/teams < 7.10.1

microsoft/teams_panels < 1.0.97.2025102203

microsoft/teams_phones < 1.0.94.2025168802

Published Aug 12, 2025

Tracked Since Feb 18, 2026