Techitup Middle East

Tenable Discovers Critical Vulnerability in Microsoft Copilot Studio 

Tenable has disclosed that its Tenable Research Team has discovered a critical information disclosure vulnerability in Microsoft’s Copilot Studio. The vulnerability, a server-side request forgery (SSRF), gave researchers access to potentially sensitive information about service internals, with potential cross-tenant impact. It exists because Copilot Studio improperly handled HTTP redirect status codes for user-configurable actions. This follows the team’s recent discoveries of flaws in Microsoft’s Azure Health Bot service, Azure Service Tags and three vulnerabilities in the Azure API Management service.


An SSRF vulnerability occurs when an attacker is able to influence the application into making server-side HTTP requests to unexpected targets or in an unexpected way, for example forcing an application on a remote host to make requests to an unintended location. If an attacker is able to control the target of those requests, they could point the request at a sensitive internal resource to which the server-side application has access, even if the attacker doesn’t, revealing potentially sensitive information. Had this issue been exploited by a malicious actor, they would have been able to access the internal infrastructure of Copilot Studio, which is a shared environment among customers. This could have allowed access to Azure’s Instance Metadata Service (IMDS), allowing a threat actor to obtain access tokens for the environment and granting further access to other shared resources, such as a Cosmos DB, where sensitive information regarding the internals of Copilot Studio is stored.
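The redirect-handling weakness described above can be modelled in a few lines. The following is an added example written for this article, not Copilot Studio’s code or Tenable’s proof of concept: a user-configurable HTTP action is validated once and then follows redirects blindly, beside a hardened version that re-validates every hop. The `fetch` function and `REDIRECTS` table are constructed stand-ins for a real HTTP client and a user-controlled server, and 169.254.169.254 is the well-known link-local address of the Azure Instance Metadata Service.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed redirect table standing in for a web server the user configures.
# Key: requested URL -> (HTTP status, Location header or None).
REDIRECTS = {
    "https://example.invalid/action": (302, "http://169.254.169.254/metadata/instance"),
    "https://example.invalid/ok": (302, "https://example.invalid/final"),
    "https://example.invalid/final": (200, None),
    "http://169.254.169.254/metadata/instance": (200, None),
}

def fetch(url):
    """Stand-in for an HTTP client that does not auto-follow redirects."""
    return REDIRECTS.get(url, (404, None))

def is_allowed(url):
    """Reject anything that is not https to a public host. Assumes literal IPs;
    real code must also resolve DNS and check (and pin) the resolved address."""
    p = urlparse(url)
    if p.scheme != "https" or not p.hostname:
        return False
    try:
        ip = ipaddress.ip_address(p.hostname)
    except ValueError:
        return True  # hostname rather than a literal IP; see docstring
    return not (ip.is_private or ip.is_link_local or ip.is_loopback or ip.is_reserved)

def follow_vulnerable(url, max_hops=5):
    """Validates only the user-supplied URL, then follows 3xx responses blindly."""
    if not is_allowed(url):
        raise ValueError("blocked")
    for _ in range(max_hops):
        status, location = fetch(url)
        if status not in (301, 302, 303, 307, 308) or location is None:
            return url  # the URL that was ultimately fetched
        url = location
    raise ValueError("too many redirects")

def follow_hardened(url, max_hops=5):
    """Re-validates every hop, so a redirect to an internal address is refused."""
    for _ in range(max_hops):
        if not is_allowed(url):
            raise ValueError("blocked: %s" % url)
        status, location = fetch(url)
        if status not in (301, 302, 303, 307, 308) or location is None:
            return url
        url = location
    raise ValueError("too many redirects")
```

With the constructed table, `follow_vulnerable` ends up fetching the IMDS URL while `follow_hardened` raises on the redirected hop; in production the same check belongs on the resolved IP of every hop, not only on the URL string.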

Microsoft has confirmed that remediations for this issue were in place as of July 31, 2024. No customer action is required. 

More information can be found on the Tenable blog.
