الثغرات ›

CVE-2026-33823

حرج

CWE-285 — نوع الضعف

                    نُشر: May 7, 2026                      ·  آخر تحديث: May 10, 2026                      ·  المصدر: NVD                

CVSS v3

9.6

🔗 NVD الرسمي

📄 الوصف (الإنجليزية)

Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

🤖 ملخص AI

CVE-2026-33823 is a critical authorization flaw in Microsoft Teams (CVSS 9.6) that allows authenticated attackers to disclose sensitive information over the network. With no patch currently available, this vulnerability poses immediate risk to organizations relying on Teams for secure communications. The lack of exploit availability provides a narrow window for defensive preparation before potential weaponization.

📄 الوصف (العربية)

🤖 التحليل الذكي آخر تحليل: May 9, 2026 00:32

🇸🇦 التأثير على المملكة العربية السعودية

This vulnerability critically impacts Saudi government entities (NCA, GOSI, Ministry of Health), SAMA-regulated financial institutions, and major telecommunications providers (STC, Mobily) that extensively use Microsoft Teams for secure communications. Banking sector faces elevated risk for unauthorized access to financial discussions and confidential data. Healthcare organizations (MOH, private hospitals) risk exposure of patient information and medical records. Energy sector (ARAMCO, SEC) could face disclosure of operational and strategic communications. Government agencies using Teams for classified discussions face potential intelligence compromise.

🏢 القطاعات السعودية المتأثرة

Banking and Financial Services Government and Public Administration Healthcare and Medical Services Energy and Utilities Telecommunications Defense and Security Education Large Enterprises

🎯 تقنيات MITRE ATT&CK

T1078 - Valid Accounts T1087 - Account Discovery T1010 - Application Window Discovery T1557 - Man-in-the-Middle T1041 - Exfiltration Over C2 Channel T1020 - Automated Exfiltration T1530 - Data from Cloud Storage T1213 - Data from Information Repositories

⚖️ درجة المخاطر السعودية (AI)

8.9

/ 10.0

🔧 Remediation Steps (English)

Immediate Actions:

1. Audit all Microsoft Teams access logs and user permissions across your organization

2. Implement network segmentation to restrict Teams traffic to authorized users only

3. Enable advanced threat protection and data loss prevention (DLP) policies in Teams

4. Review and restrict guest access and external sharing permissions immediately

5. Enforce multi-factor authentication (MFA) for all Teams users

6. Monitor for suspicious access patterns and information disclosure attempts



Compensating Controls:

7. Implement conditional access policies to restrict Teams access by location, device compliance, and risk level

8. Enable Teams audit logging and configure alerts for unauthorized data access

9. Use information barriers to prevent cross-team communication where sensitive

10. Conduct immediate security awareness training on social engineering and credential compromise

11. Establish incident response procedures for potential data disclosure incidents

12. Consider temporary restrictions on sensitive discussions via Teams until patch is available



Detection Rules:

- Alert on unusual bulk data downloads or exports from Teams

- Monitor for access to Teams by accounts outside normal business hours

- Track failed authentication attempts followed by successful access

- Flag access to sensitive channels by users without documented business need

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. تدقيق جميع سجلات الوصول إلى Microsoft Teams والأذونات عبر المنظمة

2. تنفيذ تقسيم الشبكة لتقييد حركة Teams للمستخدمين المصرحين فقط

3. تفعيل الحماية المتقدمة من التهديدات وسياسات منع فقدان البيانات في Teams

4. مراجعة وتقييد الوصول للضيوف والمشاركة الخارجية فوراً

5. فرض المصادقة متعددة العوامل لجميع مستخدمي Teams

6. مراقبة أنماط الوصول المريبة ومحاولات الكشف عن المعلومات



الضوابط البديلة:

7. تنفيذ سياسات الوصول الشرطي لتقييد الوصول إلى Teams حسب الموقع والامتثال للجهاز

8. تفعيل تسجيل تدقيق Teams وتكوين التنبيهات للوصول غير المصرح

9. استخدام حواجز المعلومات لمنع الاتصال بين الفرق الحساسة

10. إجراء تدريب فوري على الوعي الأمني بشأن الهندسة الاجتماعية

11. إنشاء إجراءات الاستجابة للحوادث المحتملة

12. النظر في تقييد مؤقت للمناقشات الحساسة عبر Teams حتى توفر التصحيح

📋 خريطة الامتثال التنظيمي

🟢 NCA ECC 2024

ECC 2024 A.5.1.1 - Access Control Policy ECC 2024 A.5.2.1 - User Registration and De-registration ECC 2024 A.5.3.1 - Access Rights Review ECC 2024 A.8.2.1 - Classification of Information ECC 2024 A.8.2.3 - Handling of Assets ECC 2024 A.12.4.1 - Event Logging ECC 2024 A.12.4.3 - Administrator and Operator Logs

🔵 SAMA CSF

SAMA CSF ID.AM-1 - Asset Management SAMA CSF AC-2 - Access Control SAMA CSF AC-3 - Least Privilege SAMA CSF DE-1 - Detection Processes SAMA CSF DE-4 - Monitoring Activities SAMA CSF RS-1 - Response Planning

🟡 ISO 27001:2022

ISO 27001:2022 A.5.1 - Policies for Information Security ISO 27001:2022 A.5.3 - Segregation of Duties ISO 27001:2022 A.6.2 - Information Security Roles and Responsibilities ISO 27001:2022 A.8.1 - User Endpoint Devices ISO 27001:2022 A.8.2 - Privileged Access Rights ISO 27001:2022 A.8.3 - Information Access Restriction ISO 27001:2022 A.12.4 - Logging

🟣 PCI DSS v4.0

PCI DSS 2.1 - Configuration Standards PCI DSS 6.2 - Security Patches PCI DSS 7.1 - Limit Access to System Components PCI DSS 8.1 - User Identification and Authentication PCI DSS 10.2 - Implement Automated Audit Trails

🔗 المراجع والمصادر 1

🔗

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33823

secure@microsoft.com

Vendor Advisory

📦 المنتجات المتأثرة 1 منتج

microsoft:teams:-

📊 CVSS Score

9.6

/ 10.0 — حرج

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeC — Changed

ConfidentialityH — High

IntegrityH — High

AvailabilityN — None / Network

📋 حقائق سريعة

الخطورة حرج

CVSS Score9.6

CWECWE-285

EPSS0.04%

اختراق متاح لا

تصحيح متاح ✗ لا

تاريخ النشر 2026-05-07

المصدر nvd

المشاهدات 2

🇸🇦 درجة المخاطر السعودية

8.9

/ 10.0 — مخاطر السعودية

أولوية: CRITICAL

🏷️ الوسوم

CWE-285

🏢 توجيهات البائع

🔗 https://msrc.microsoft.com/update-guide/vulnerabilit...

⚡ إجراءات

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-33823

عرّفنا بنفسك

تسجيل الدخول مطلوب