HarborGuard Database

HIGH | CVE-2026-45497 | Published | Modified | CNA: microsoft

CVE-2026-45497: Microsoft M365 Copilot Remote Code Execution Vulnerability

Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.

Metrics

CVSS v3.1: 7.7
Severity: HIGH
Fixed in: -
Affected Products: 1


HarborGuard Analysis

Synopsis

A command injection vulnerability in Microsoft 365 Copilot allows an authenticated attacker to execute arbitrary code remotely by sending specially crafted input over the network. Exploitation requires a low-privilege account and has high attack complexity, but needs no victim interaction, and its scope is changed, so the impact can reach systems beyond the directly targeted component. Successful exploitation lets an attacker run arbitrary commands, read sensitive data, and partially tamper with or disrupt the service. No fix version has been published yet; HarborGuard tracks this advisory and will make a patched-image rebuild available as soon as upstream ships a fix.

HarborGuard Coverage

Detection: Available

Detection for CVE-2026-45497 is available across every HarborGuard environment, with the CVE matched against customer images within minutes of ingestion from upstream feeds including Microsoft advisories and NVD, covering both public base images and custom-built images that bundle Copilot-integrated components. Any image in a customer registry or CI/CD pipeline that carries an affected version of Microsoft 365 Copilot will surface a finding automatically.

Triage: Available

HarborGuard scores this CVE at 7.7 HIGH using the CVSS v3.1 base vector (the temporal components of the published vector are not factored into this score) and weights findings against each customer environment's configured compliance policy, escalating findings that breach severity thresholds. Triage tickets are routed to the appropriate team inbox within each customer organization based on image ownership and policy rules.

Patch: Pending upstream

Because no upstream fix version has been published, HarborGuard re-checks the Microsoft advisory on every ingest cycle and will make a patched-image rebuild available automatically the moment a fix is released. In the interim, the platform surfaces the open finding continuously so security teams can apply compensating controls while the vendor patch is pending.

Exploit Conditions

  • Network reachability: Required

    The attacker must reach the Microsoft 365 Copilot service over the network; local or physical access is not sufficient.

  • Authentication: Required

    A low-privilege authenticated account is sufficient; anonymous or unauthenticated access cannot trigger this vulnerability.

  • Victim interaction: Not required

    No user interaction is needed; the attacker can trigger the vulnerability entirely on their own without involving another user.

  • Attack complexity: High

    Attack complexity is high, meaning successful exploitation depends on conditions beyond the attacker's control, such as specific environmental configuration or winning a race-condition-style timing window, which the attacker must account for to exploit reliably.

Blast Radius

  • A successful attacker executes arbitrary operating-system commands in the context of the Copilot service, with scope change meaning the impact can extend to systems beyond the directly targeted component.
  • Confidentiality impact is high: the attacker reads sensitive data processed or stored by the service, which may include user prompts, organizational data, and session context.
  • Integrity impact is partial: the attacker modifies a subset of data or service state, but does not necessarily gain full write control.
  • Availability impact is partial: the attacker disrupts or degrades service operation without necessarily causing a complete denial of service.

How HarborGuard Handles This

Status: Available on HarborGuard

Because no upstream fix version exists for CVE-2026-45497 at this time, the platform monitors the Microsoft advisory on every ingest cycle and will trigger a patched-image rebuild automatically once a fix is published. For customers with auto-remediation enabled, that rebuild will be followed by a regression-test run and a pull request opened against affected workloads, with no manual intervention required. While the patch is pending, security teams can use HarborGuard's network-policy controls to restrict egress and lateral access from containers running Copilot-integrated components, apply feature-flag gating to disable affected Copilot capabilities where operationally feasible, and configure alert routing so that any new image push containing the affected version immediately pages the responsible team. The finding remains open and continuously visible in the HarborGuard dashboard until a verified fix is confirmed.

Affected packages

  • Microsoft / Microsoft 365 Copilot (fixed version: -)

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L/E:U/RL:O/RC:C