Full Report
Cybersecurity researchers have shed light on a cross-tenant blind spot that allows attackers to bypass Microsoft Defender for Office 365 protections via the guest access feature in Teams. "When users operate as guests in another tenant, their protections are determined entirely by that hosting environment, not by their home organization," Ontinue security researcher Rhys Downing said in a report
Analysis Summary
# Vulnerability: Microsoft Teams Guest Access Creates Cross-Tenant Protection Bypass
## CVE Details
- CVE ID: Not explicitly mentioned in the provided text.
- CVSS Score: Not provided in the text.
- CWE: Not explicitly mentioned in the text (Related to authorization/authentication bypass and insecure configuration management).
## Affected Systems
- Products: Microsoft Teams, Microsoft Defender for Office 365.
- Versions: Not specified, but applies to environments utilizing the Teams Guest Access feature.
- Configurations: Organizations where users join external tenants as guests, and the external tenant uses licenses that do not mandate Defender for Office 365 (e.g., Teams Essentials or Business Basic).
## Vulnerability Description
The vulnerability describes a cross-tenant blind spot stemming from the architecture of guest access in Microsoft Teams. When a user accepts a guest invitation to an external tenant, their security protections are dictated by the **hosting environment (the external tenant)**, overriding their **home organization's** security policies, including those enforced by Microsoft Defender for Office 365.
An attacker can create a low-cost tenant (e.g., using Teams Essentials) that lacks Defender protections and invite a victim into it as a guest. Once the victim accepts, the attacker can send phishing links or malware attachments that bypass the victim's home organization's **Safe Links** and **Safe Attachments** scanning, because the interaction takes place outside the victim's security boundary. The invitation email also appears legitimate: it originates from Microsoft infrastructure, so it passes standard email authentication checks (SPF, DKIM, DMARC) and is not flagged by them.
## Exploitation
- Status: Theoretical/Proof of Concept scenario described by a researcher (Rhys Downing). Not explicitly stated as "exploited in the wild," but the mechanism is clearly defined.
- Complexity: Likely **Low to Medium**. Setting up a basic unprotected tenant is easy; the attacker relies only on the victim accepting an invitation that originates from Microsoft infrastructure.
- Attack Vector: Network (via malicious Teams invitation/chat session).
## Impact
- Confidentiality: **High**. Sensitive information shared within the compromised guest chat is exposed to the attacker without protective scanning.
- Integrity: **High**. Malware or malicious links are delivered successfully to the unsuspecting guest user.
- Availability: **Low to Medium**. No direct availability impact is described; the primary immediate impact is on data security, although the foothold gained could later enable lateral movement or data exfiltration.
## Remediation
### Patches
- No specific CVE or patch numbers were provided in the summary text, as this appears to be a configuration/architectural concern rather than a conventional software vulnerability requiring an immediate patch release. Remediation focuses on configuration management.
### Workarounds
1. **Restrict Guest Access:** Organizations should carefully review and restrict who can be invited as guests or who can invite external users, especially if the external tenant is outside their control.
2. **Restrict Receiving Invitations:** The `UseB2BInvitesToAddExternalUsers` setting in `TeamsMessagingPolicy` controls *sending* invitations, not *receiving* them. Organizations should consider whether they also need to control which invitations their users may accept, based on the trust level of the inviting tenant; explicit guidance on blocking incoming guest invites is not detailed here.
3. **Verify External Tenant Licensing:** Security teams should understand the risks associated with collaborating in tenants hosted by partners or external entities using lower-tier Microsoft 365 licenses that lack robust native security features.
## Detection
- **Indicators of Compromise (IOCs):** Monitoring for internal users accepting guest invitations into external tenants that are known to be low-security environments (if such a list can be compiled).
- **Detection Methods and Tools:** Focus monitoring efforts on user activity *after* they join an external tenant chat environment, looking for attempts to download files or click links within those specific sessions, as the home tenant's security controls are bypassed. Utilize external tenant auditing tools if available, though visibility is inherently limited.
## References
- Rhys Downing (Ontinue), report on the Microsoft "chat with anyone" phishing risk (link defanged: hxxps://www.ontinue.com/resource/blog-microsoft-chat-with-anyone-understanding-phishing-risk/)
- Microsoft documentation on Teams Guest Access and External Access.