Netvora logo
Submit Startup Subscribe
Home About Contact Submit Startup Subscribe

Microsoft Discloses Active Exploitation of Critical Path Traversal Vulnerability in Output Messenger

Comment

Microsoft Discloses Active Exploitation of Critical Path Traversal Vulnerability in Output Messenger

Netvora May 13, 2025 at 11:00 AM Security
Microsoft Discloses Active Exploitation of Critical Path Traversal Vulnerability in Output Messenger

Microsoft Discloses Active Exploitation of Critical Path Traversal Vulnerability in Output Messenger

By Netvora Tech News

Microsoft has announced that attackers have been actively exploiting a critical path traversal vulnerability in its Output Messenger platform for months, using it to spy on users and steal sensitive data. The vulnerability, rated 9.8 out of 10 in terms of severity, allows attackers to access user communication, steal sensitive data, and impersonate users for further attacks.

What is Output Messenger?

Output Messenger is a communication platform that enables users to chat, make calls, manage calendars, and share files, among other features. It allows organizations to host the platform on their own on-premise server. The platform is designed to provide users with a secure and reliable way to communicate and collaborate.

The Critical Vulnerability

The critical path traversal vulnerability, identified as CVE-2025-27920, allows attackers to access directories and files that they should not have access to. To exploit the vulnerability, attackers need to have valid login credentials for a user. The impact of the vulnerability is severe, as it can be used to steal sensitive data, intercept communication, and impersonate users for further attacks.

Exploitation Timeline

Microsoft has disclosed that the vulnerability has been actively exploited by attackers since April 2024 in attacks against Kurdish military operations in Iraq. The attackers, known as Marbled Dust, are believed to be a Turkey-linked espionage group.

How the Attackers Exploited the Vulnerability

The attackers exploited the vulnerability by placing a malicious file in the server's startup directory. They then installed a backdoor, allowing them to gain unauthorized access to the server and steal sensitive data. Microsoft has urged users to update their Output Messenger platform to the latest version, which addresses the vulnerability.

Conclusion

The discovery of the active exploitation of the critical path traversal vulnerability in Output Messenger highlights the importance of keeping software up to date and secure. Microsoft's prompt disclosure of the vulnerability and release of a patch demonstrate the company's commitment to protecting its users' data and security. Users are advised to update their Output Messenger platform immediately to prevent any potential attacks.

  • Output Messenger is a communication platform that provides users with a secure and reliable way to communicate and collaborate.
  • The critical path traversal vulnerability, identified as CVE-2025-27920, allows attackers to access directories and files that they should not have access to.
  • The vulnerability has been actively exploited by attackers since April 2024 in attacks against Kurdish military operations in Iraq.
  • Microsoft has urged users to update their Output Messenger platform to the latest version, which addresses the vulnerability.

Comments (0)

Leave a comment

Back to homepage

You might also like