Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN371
_____________________________________________________________________

DATE                : 09/04/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cortex XSIAM Microsoft Teams
                        Marketplace versions 1.5 prior to 1.5.52,
                     Systems running Cortex XSOAR Microsoft Teams
                        Marketplace versions 1.5 prior to 1.5.52.

=====================================================================
https://security.paloaltonetworks.com/CVE-2026-0234
_____________________________________________________________________

CVE-2026-0234 Cortex XSOAR: Improper Verification of Cryptographic
Signature in Microsoft Teams integration


Urgency HIGHEST

047910

Severity 7.2 · HIGH
Exploit Maturity UNREPORTED
Response Effort MODERATE
Recovery USER
Value Density DIFFUSE
Attack Vector NETWORK
Attack Complexity HIGH
Attack Requirements PRESENT
Automatable NO
User Interaction NONE
Product Confidentiality HIGH
Product Integrity HIGH
Product Availability HIGH
Privileges Required NONE
Subsequent Confidentiality NONE
Subsequent Integrity NONE
Subsequent Availability NONE
CVE JSON CSAF
Published 2026-04-08
Updated 2026-04-08
Discovered externally


Description

An improper verification of cryptographic signature vulnerability exists
in Cortex XSOAR and Cortex XSIAM platforms during integration of
Microsoft Teams that enables an unauthenticated user to access and
modify protected resources. 


Product Status

Versions	Affected	Unaffected
Cortex XSIAM Microsoft Teams Marketplace 1.5.0	< 1.5.52	>= 1.5.52
Cortex XSOAR Microsoft Teams Marketplace 1.5.0	< 1.5.52	>= 1.5.52

Severity: HIGH, Suggested Urgency: HIGHEST

CVSS-BT: 7.2 / CVSS-B: 9.2 (CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Red)


Exploitation Status

Palo Alto Networks is not aware of any malicious exploitation of this issue.


Weakness Type and Impact

CWE-347 Improper Verification of Cryptographic Signature

CAPEC-475 Signature Spoofing by Improper Validation


Solution

Version              Minor Version          Suggested Solution

Cortex XSOAR Microsoft Teams Marketplace 1.5
	1.5.0 through 1.5.51 	Upgrade to 1.5.52 or later.

Cortex XSIAM Microsoft Teams Marketplace 1.5
	1.5.0 through 1.5.51 	Upgrade to 1.5.52 or later.


Workarounds and Mitigations

No known workarounds exist for this issue.


Acknowledgments
Palo Alto Networks thanks quinn for discovering and reporting this issue.


CPE Applicability

        cpe:2.3:a:palo_alto_networks:cortex_xsoar_microsoft_teams_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.5.0 and up to (excluding)1.5.52
    or
        cpe:2.3:a:palo_alto_networks:cortex_xsiam_microsoft_teams_marketplace:*:*:*:*:*:*:*:* is vulnerable from (including)1.5.0 and up to (excluding)1.5.52


Timeline

2026-04-08         Initial Publication


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================