PatchSiren cyber security CVE debrief

CVE-2026-47645 Microsoft CVE debrief

CVE-2026-47645 is a high-severity open redirect vulnerability in Microsoft 365 Copilot's Business Chat. Its CVSS score of 8.8 indicates significant risk. The vulnerability allows an unauthorized attacker to elevate privileges over a network, so Microsoft 365 Copilot users are potentially exposed. The CVE was published on June 19, 2026, and no changes have been made since then. Defenders should prioritize patching or mitigating this vulnerability.

Vendor: Microsoft
Product: Microsoft 365 Copilot
CVSS: HIGH 8.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-06-19
Original CVE updated: 2026-06-22
Advisory published: 2026-06-19
Advisory updated: 2026-06-22

Who should care

Organizations using Microsoft 365 Copilot's Business Chat should be aware of this vulnerability. IT administrators and security teams responsible for Microsoft 365 services need to assess their exposure and take the necessary actions to protect their environments. The high severity and the potential for privilege escalation make it a priority for immediate attention.

Technical summary

CVE-2026-47645 is an open redirect vulnerability in Microsoft 365 Copilot's Business Chat, scored 8.8 (HIGH) under CVSS. The vulnerability is caused by improper handling of URL redirections, which lets an attacker redirect users to untrusted sites; this can lead to phishing or further exploitation. The CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H: exploitable over the network with low attack complexity and no privileges required, though user interaction is required (UI:R), with high impact to confidentiality, integrity and availability.
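A redirect-target check of the kind that the "improper handling of URL redirections" above calls for, written as an added illustration that is neither Microsoft's code nor from this debrief; the allow-listed hosts and the default landing path are constructed for the example. It goes beyond this one CVE by rejecting the common shapes that slip past a naive prefix check (protocol-relative, backslash, userinfo and non-https targets).

```python
from urllib.parse import urlsplit, urlunsplit

# Constructed for this example: hosts the application may send users to,
# and the safe landing page used whenever a supplied target is rejected.
ALLOWED_HOSTS = {"contoso.example", "copilot.contoso.example"}
DEFAULT_TARGET = "/home"


def safe_redirect_target(raw: str) -> str:
    """Return a redirect target that is either a same-site path or an https
    URL on an allow-listed host; anything else collapses to DEFAULT_TARGET."""
    if not raw:
        return DEFAULT_TARGET
    # Browsers treat "/\evil.example" like "//evil.example"; normalise first.
    candidate = raw.replace("\\", "/")
    # Parsers strip control characters, so "\tjavascript:" can pass a naive
    # scheme check; reject controls, whitespace and DEL outright.
    if any(ord(ch) < 0x21 or ch == "\x7f" for ch in candidate):
        return DEFAULT_TARGET
    parts = urlsplit(candidate)
    if not parts.scheme and not parts.netloc:
        # Relative target: exactly one leading "/" keeps it on this origin
        # ("//evil.example" would be protocol-relative and leave the site).
        if candidate.startswith("/") and not candidate.startswith("//"):
            return candidate
        return DEFAULT_TARGET
    if parts.scheme.lower() != "https":
        return DEFAULT_TARGET          # blocks http:, javascript:, data:, ...
    if parts.username is not None or parts.password is not None:
        return DEFAULT_TARGET          # "https://allowed@evil.example/" shape
    try:
        port = parts.port
    except ValueError:
        return DEFAULT_TARGET          # malformed port
    if port not in (None, 443):
        return DEFAULT_TARGET
    if parts.hostname not in ALLOWED_HOSTS:   # exact match, never a suffix test
        return DEFAULT_TARGET
    # Rebuild from parsed parts so only the vetted host and path are emitted.
    return urlunsplit(("https", parts.hostname, parts.path or "/",
                       parts.query, parts.fragment))


if __name__ == "__main__":
    # Constructed sample inputs, as an app might receive in a return-to parameter.
    for sample in ["/dashboard", "//evil.example/x", r"/\evil.example",
                   "https://contoso.example@evil.example/",
                   "https://contoso.example.evil.example/",
                   "https://CONTOSO.example/a"]:
        print(f"{sample!r:45} -> {safe_redirect_target(sample)}")
```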

Defensive priority

High priority due to 8.8 CVSS score and potential for privilege escalation

Recommended defensive actions

  • Apply patches or updates provided by Microsoft for Microsoft 365 Copilot's Business Chat
  • Review and restrict URL redirection policies in Microsoft 365 environments
  • Monitor Microsoft 365 Copilot's Business Chat usage for suspicious activity
  • Implement compensating controls such as web application firewalls or URL filtering
  • Conduct a thorough risk assessment of Microsoft 365 Copilot's Business Chat usage within the organization

Evidence notes

The CVE record was obtained from the official CVE.org website. The vulnerability details were provided by the National Vulnerability Database (NVD). Microsoft has provided a reference for this vulnerability on their MSRC website. The CVSS score and vector were obtained from the NVD. There is no information on known ransomware campaigns using this vulnerability.

This article is AI-assisted and based on the supplied source corpus.