Plattform
other
Komponente
cortex-xsoar
Behoben in
1.5.52
CVE-2026-0234 identifies an improper verification of cryptographic signature vulnerability within the Cortex XSOAR and Cortex XSIAM platforms during integration with Microsoft Teams. This flaw enables an unauthenticated user to access and modify protected resources. The vulnerability affects versions 1.5.0 through 1.5.52 and has been resolved in version 1.5.52.
The impact of CVE-2026-0234 stems from the potential for unauthorized access and modification of protected resources within the Cortex XSOAR/XSIAM environment. An attacker could potentially alter incident response workflows, manipulate data, or compromise sensitive information. The lack of authentication required for exploitation significantly broadens the attack surface, making it a critical concern for organizations relying on this integration for security operations.
CVE-2026-0234 is not currently listed on KEV or EPSS. Public proof-of-concept (POC) code is not yet available. Given the unauthenticated nature of the vulnerability, the exploitation probability is considered medium. The vulnerability was published on 2026-04-13.
Organizations heavily reliant on Cortex XSOAR and Cortex XSIAM for security orchestration and incident response are particularly at risk. Environments with shared Microsoft Teams accounts or those lacking robust access controls are also more vulnerable. Specifically, deployments using the Microsoft Teams Marketplace Integration for automated workflows or data ingestion should be prioritized for remediation.
• other / supply-chain:
# Check for suspicious Microsoft Teams integration activity
Get-WinEvent -LogName Application -FilterXPath "/Event[System[Provider[@Name='Microsoft-Windows-Teams'] and (EventID=1001 or EventID=1002)] and EventData/Data[@Name='IntegrationName']='Cortex XSOAR']"disclosure
Exploit-Status
EPSS
0.02% (6% Perzentil)
CISA SSVC
The primary mitigation for CVE-2026-0234 is to upgrade the Cortex XSOAR/XSIAM Microsoft Teams integration to version 1.5.52 or later. Before upgrading, review the release notes for any potential compatibility issues. Consider implementing stricter access controls within the Cortex XSOAR/XSIAM environment to limit the impact of a potential compromise. Regularly review integration configurations to ensure they adhere to security best practices.
Actualice la integración de Microsoft Teams de Cortex XSOAR a la versión 1.5.52 o posterior para mitigar la vulnerabilidad de verificación incorrecta de la firma criptográfica. Esta actualización corrige la falla que permite a usuarios no autenticados acceder y modificar recursos protegidos.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2026-0234 is a vulnerability in the Cortex XSOAR Microsoft Teams Marketplace Integration allowing unauthenticated access and modification of protected resources due to a flaw in cryptographic signature verification.
If you are using Cortex XSOAR Microsoft Teams Marketplace Integration versions 1.5.0 through 1.5.52, you are potentially affected by this vulnerability.
Upgrade the Cortex XSOAR Microsoft Teams Marketplace Integration to version 1.5.52 or later to remediate the vulnerability. Consider restricting access to the integration until the upgrade is complete.
As of the public disclosure date, there are no known active exploitation campaigns, but the vulnerability's severity warrants careful monitoring.
Refer to the Cortex XSOAR security advisory page for the latest information and official guidance regarding CVE-2026-0234.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.