Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202604-00000010

[Content Description]
Palo Alto Networks recently released a critical cybersecurity bulletin (CVE-2026-0234, CVSS: 8.8) stating that a vulnerability exists in the integration of Microsoft Teams with the Cortex XSOAR and Cortex XSIAM platforms due to improper encryption signatures. This vulnerability allows unauthorized attackers to access or tamper with protected resources.

[Affected Platforms]
Cortex XSIAM versions prior to Microsoft Teams Marketplace 1.5.52
Cortex XSOAR versions prior to Microsoft Teams Marketplace 1.5.52

[Recommended Actions]
Please update to the following versions:
Cortex XSIAM versions from Microsoft Teams Marketplace 1.5.52 onwards
Cortex XSOAR versions from Microsoft Teams Marketplace 1.5.52 onwards

[References]
1. https://www.twcert.org.tw/tw/cp-169-10830-9aaae-1.html