Planned Fix

CVE-2026-21520

Microsoft Copilot Studio Pre-Auth Info Disclosure

Summary

Microsoft Copilot Studio is a low-code platform for building AI agents and agent flows. This cloud-service flaw let unauthenticated network attackers view sensitive information from Copilot Studio without any user interaction. The impact is confidentiality loss rather than code execution or service disruption.

Why Planned Fix?

Criteria met: 4 of 6

Met: No authentication required
Met: Commonly internet-facing deployment
Met: No user interaction needed
Met: Exploitable in default configuration
Not met: No active exploitation or public PoC
Not met: Not a high-impact vulnerability (confidentiality loss only; no integrity or availability impact)

Exploitation Details

Type: Unknown
Exploitable with default configuration: Yes
Authentication needed: No
PoC / Exploit: No
Impact: Read sensitive information from Copilot Studio (data disclosure)
Exploitation Requirements

None — vulnerable in default configuration

Exploitation Process

An attacker sends crafted requests to Copilot Studio service endpoints without presenting any credentials. If a request reaches the vulnerable code path, the service returns information that should have been access-controlled. The success criterion is simple: sensitive data is returned to a client that never authenticated and holds no authorized session. The specific endpoint path and request format have not been published, so the page lists the exploitation type as Unknown.
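The verification step described above, as an added example that is not part of this advisory and is not code from Microsoft or the Copilot Studio service: a constructed loopback HTTP service in two variants (one that hands protected data to anyone, one that demands a bearer token first) and a probe that requests a path with no credentials and reports whether the response was access-controlled. The path `/api/agents`, the field names, the token and the sample data are all constructed for the example and are not Copilot Studio endpoints or data.

```python
"""Probe whether an HTTP endpoint enforces authentication (added example)."""
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# Constructed sample data standing in for whatever a real service protects.
SENSITIVE = {"agentName": "hr-helpdesk", "connectionSecret": "example-only"}
# Hypothetical token accepted by the hardened variant (constructed).
VALID_TOKEN = "constructed-token"


class LeakyHandler(BaseHTTPRequestHandler):
    """Returns protected data to any caller: the failure mode the advisory describes."""

    def do_GET(self):
        self._send(200, SENSITIVE)

    def _send(self, code, body):
        data = json.dumps(body).encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def log_message(self, *args):
        pass  # keep the demo quiet


class HardenedHandler(LeakyHandler):
    """Checks the bearer token before touching the protected data."""

    def do_GET(self):
        auth = self.headers.get("Authorization", "")
        if auth != f"Bearer {VALID_TOKEN}":
            self._send(401, {"error": "authentication required"})
            return
        self._send(200, SENSITIVE)


def serve(handler):
    """Start `handler` on a free loopback port; return (server, base_url)."""
    srv = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"


def probe_unauthenticated(url, sensitive_keys):
    """GET `url` with no credentials and classify the outcome.

    auth_enforced is True only for an explicit 401/403; any 200 is inspected for
    the named sensitive fields so a pre-auth leak is reported by field name.
    """
    req = Request(url, headers={"Accept": "application/json"})
    try:
        with urlopen(req, timeout=5) as resp:
            status, body = resp.status, resp.read()
    except HTTPError as e:
        status, body = e.code, e.read()
    leaked = []
    if status == 200:
        try:
            payload = json.loads(body)
            leaked = [k for k in sensitive_keys if k in payload]
        except ValueError:
            pass  # non-JSON 200: nothing we can name, but still not auth-enforced
    return {"status": status, "auth_enforced": status in (401, 403), "leaked_fields": leaked}


def run_probe(handler, path="/api/agents"):
    """Bring up one variant, probe it, tear it down, return the classification."""
    srv, base = serve(handler)
    try:
        return probe_unauthenticated(base + path, ["connectionSecret", "agentName"])
    finally:
        srv.shutdown()
        srv.server_close()


if __name__ == "__main__":
    print("leaky   :", run_probe(LeakyHandler))
    print("hardened:", run_probe(HardenedHandler))
```

The probe sends no `Authorization` header at all rather than a bad one, because a pre-auth disclosure is about the absence of credentials, not their validity; a service that returns 200 with recognizable protected fields to such a request fails the check regardless of what it does with bad tokens.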

Detection Resources
Manual Detection
0
Script Detection
0
Scanner Detection
1

Affected Software

Vendor: Microsoft
Product: Microsoft Copilot Studio
Affected Versions: all versions
Description

Microsoft Copilot Studio is a graphical, low-code tool for building AI agents and agent flows that can connect to other data sources and business systems.

Deployment: Commonly internet-facing | Protocol: HTTPS | Ports: 443

Affected Component: Copilot Studio cloud service backend and web authoring portal handling agent and information-access requests.

Affected Endpoints (1): https://copilotstudio.microsoft.com

Enterprise Usage: AI-generated estimate of how likely this vendor/product is to be deployed in enterprise environments, based on market presence, product type and adoption signals; not exact data.

Vendor Size: Big
Remediation
Workaround: Not available
Patch: Not available
Update: Not available

Threat Intelligence
EPSS Score: 0.1% (estimated probability of exploitation in the next 30 days)

EPSS Percentile: 26% (scores higher than 26% of all CVEs)

CISA KEV: Not Listed
Active Exploitation: No Evidence
Threat Actors

No known threat actors

Detection Rules

No detection rules available

NVD Data


Description Summary

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows an unauthenticated attacker to view sensitive information through a network attack vector.

CVSS Base Score: 7.5 (High)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): None
Availability (A): None
CWE: CWE-77 Command Injection (as listed on this page; note that CWE-77 describes command injection, whereas the NVD description and the CVSS vector above describe an information disclosure with no integrity impact, so this classification may not reflect the underlying weakness)

Affected Software (CPE) (1)

  • cpe:2.3:a:microsoft:copilot_studio:-:*:*:*:*:*:*:*

Priority History

Planned Fix (initial analysis)