Microsoft Teams Bugs Let Attackers Impersonate Colleagues and Edit Messages Unnoticed

Nov 04, 2025 | Ravie Lakshmanan

A recent report by cybersecurity researchers has unveiled four security vulnerabilities in Microsoft Teams that could have exposed users to severe impersonation and social engineering attacks.

These flaws allowed attackers to manipulate conversations, impersonate colleagues, and exploit notifications, as stated in a report by Check Point that was shared with The Hacker News.

Microsoft addressed some of these issues in August 2024 under the CVE identifier CVE-2024-38197, following responsible disclosure in March 2024. Subsequent patches were rolled out in September 2024 and October 2025.

The vulnerabilities enabled attackers to modify message content without leaving an “Edited” label, change sender identities, and manipulate notifications to appear as if they were coming from a trusted source, including high-profile executives.

These vulnerabilities can be abused by both external guest users and malicious insiders, who can use them to trick victims into performing unintended actions such as clicking on malicious links or sharing sensitive data.

Furthermore, the flaws made it possible to change display names in private chat conversations by modifying the conversation topic, and to alter display names in call notifications, enabling attackers to forge caller identities.

According to Check Point, these vulnerabilities highlight how attackers can exploit trust in collaboration tools, turning platforms like Teams into vectors for deception.

One of the vulnerabilities, CVE-2024-38197, described by Microsoft as a medium-severity spoofing issue affecting Teams for iOS, could allow attackers to alter sender names and trick users into disclosing sensitive information through social engineering tactics.

These findings come at a time when threat actors are exploiting Microsoft Teams for various malicious activities, including persuading targets to grant remote access or run malicious payloads under the guise of support personnel.

Microsoft warned in a recent advisory that the extensive collaboration features of Teams make it a prime target for cybercriminals and state-sponsored actors, with messaging, calls, meetings, and screen-sharing features being weaponized in different stages of an attack.

Oded Vanunu, head of product vulnerability research at Check Point, emphasized the importance of securing trust in collaboration platforms like Teams, stating that organizations must focus on verifying information rather than blindly trusting it.