Cybersecurity researchers have discovered a critical security flaw affecting Microsoft’s Copilot Studio that could be exploited to access sensitive information.
Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability is described as an information disclosure bug resulting from a server-side request forgery (SSRF) attack.
“An authenticated attacker could bypass server-side request forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network,” Microsoft said in an advisory published on August 6, 2024.
The tech giant added that the vulnerability has been patched and requires no action from customers.
Tenable security researcher Evan Grant, who is credited with discovering and reporting the flaw, said the attack took advantage of Copilot’s ability to make external web requests.
“Combined with a useful bypass of SSRF protection, we used this flaw to gain access to Microsoft’s internal infrastructure for Copilot Studio, including the Instance Metadata Service (IMDS) and internal Cosmos DB instances,” Grant said.
In other words, the attack technique made it possible to retrieve instance metadata in a Copilot chat message and use it to obtain managed identity access tokens, which could then be abused to reach other internal resources, including read/write access to a Cosmos DB instance.
The cybersecurity company further noted that while this approach does not allow access to other tenants’ data, the infrastructure that powers the Copilot Studio service is shared among tenants, so elevated access to Microsoft’s internal infrastructure could potentially affect multiple customers.
The disclosure comes as Tenable detailed two now-patched security vulnerabilities in Microsoft’s Azure Health Bot Service (CVE-2024-38109, CVSS score: 9.1) that, if exploited, could allow a malicious actor to achieve lateral movement within customer environments and gain access to sensitive patient data.
It also follows Microsoft’s announcement that starting in October 2024, it will require all Microsoft Azure customers to enable multi-factor authentication (MFA) for their accounts as part of the Secure Future Initiative (SFI).
“MFA will be required to sign in to the Azure portal, the Microsoft Entra admin center and the Intune admin center. Enforcement will gradually roll out to all tenants worldwide,” Redmond said.
“Starting in early 2025, MFA sign-in to Azure CLI, Azure PowerShell, Azure mobile app, and Infrastructure as Code (IaC) tools will be phased in.”