EchoLeak is the first known zero-click AI vulnerability that allows attackers to exfiltrate sensitive data from Microsoft 365 Copilot without user interaction. Although patched by Microsoft, the vulnerability highlights the risks of โLLM Scope Violationโ in AI-integrated enterprise systems. #EchoLeak #Microsoft 365Copilot #LLMScopeViolation
Keypoints
- EchoLeak is a zero-click vulnerability that exploits Microsoft 365 Copilotโs AI capabilities.
- The attack involves a malicious email with a crafted prompt designed to exfiltrate internal data.
- The vulnerability was assigned CVE-2025-32711 and fixed by Microsoft in May 2025.
- It demonstrates the threat of โLLM Scope Violation,โ where large language models leak privileged information.
- enterprises should improve prompt filtering, input scoping, and RAG engine configurations to prevent similar attacks.