Potential Vulnerability: Access to Devices on Network via Teams

Copper Contributor

Hi.

 

Not sure if this is the right place for this. Does anyone know / have come across, a vulnerability that follows this user journey: 

 

1. Meeting Request Sent to victim via third party

2. Meeting commences

3. Third party accesses victim device (that meeting is taking place on) + devices connected to the network + has ability to modify, delete, add files on network connected devices + schedule events to take place on devices connected to the network.

 

When experienced the victim witnesses and major increase in CPU and Memory Useage + activity in applications managed at the enterprise level (Adobe Creative Cloud, N-Able, Citrix). 

 

Connected to the attack, the victim also notices otherwise non-malicious scripts launching from PDF and Image documetns that the Third Party had sent in the lead up.

0 Replies