Microsoft Addresses Critical Vulnerability in Copilot Studio Threatening Sensitive Data Security

  • admin
  • October 6, 2024
  • vulnerabilities

Critical Vulnerability Discovered in Microsoft’s Copilot Studio

Cybersecurity experts have revealed a significant security vulnerability impacting Microsoft’s Copilot Studio, raising concerns about the potential for unauthorized access to sensitive data. The flaw, designated CVE-2024-38206 with a CVSS score of 8.5, is classified as an information disclosure vulnerability arising from a server-side request forgery (SSRF).

According to a Microsoft advisory dated August 6, 2024, the vulnerability allows an authenticated attacker to bypass the SSRF protections within the application and leak sensitive information over the network. In practice, this means abusing Copilot Studio’s ability to make external web requests so that those requests are instead directed at internal resources.

Evan Grant, the Tenable security researcher who discovered and reported the vulnerability, explained that the flaw could be leveraged to reach Microsoft’s internal infrastructure responsible for Copilot Studio. This included obtaining tokens for managed identities, which can then be misused to access other internal components such as the Instance Metadata Service (IMDS) and internal Cosmos DB instances. The technique is particularly alarming because it lets an attacker pull instance metadata out of the requests Copilot makes on their behalf, opening a path to unauthorized access.
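As an added illustration (not code from Microsoft, Tenable or this article), the kind of outbound-request check an application that fetches user-supplied URLs needs in order to keep an SSRF away from internal endpoints such as the IMDS: the URL is resolved first, every resulting address is screened, and the vetted IP is handed back so the caller connects to exactly that address. The hostnames and addresses in FAKE_DNS are constructed so the example runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse


def _normalise(ip_str):
    """Map IPv4-mapped IPv6 (::ffff:a.b.c.d) back to IPv4 so the checks apply."""
    ip = ipaddress.ip_address(ip_str)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return ip


def is_internal_address(ip_str):
    """True for anything an SSRF must never reach: link-local (the Azure IMDS
    lives at 169.254.169.254), RFC 1918, loopback, multicast, reserved."""
    ip = _normalise(ip_str)
    return (ip.is_link_local or ip.is_private or ip.is_loopback
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def check_outbound_url(url, resolver=socket.getaddrinfo):
    """Return (allowed, detail). When allowed, detail is the vetted IP so the
    caller can connect to that exact address (closes the DNS-rebinding race)."""
    parsed = urlparse(url)
    if parsed.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    host = parsed.hostname
    if not host:
        return False, "missing host"
    try:
        infos = resolver(host, parsed.port or 443, proto=socket.IPPROTO_TCP)
    except (socket.gaierror, ValueError):
        return False, "unresolvable host"
    ips = [sockaddr[0] for _, _, _, _, sockaddr in infos]
    for ip in ips:
        if is_internal_address(ip):
            return False, f"resolves to internal address {ip}"
    return True, ips[0]


# Constructed DNS table (not real records) so the example runs offline.
FAKE_DNS = {
    "example.com": "93.184.216.34",          # ordinary public destination
    "rebind.example": "169.254.169.254",     # name that resolves to the IMDS
    "v6.example": "::ffff:169.254.169.254",  # IMDS hidden behind a mapped v6
}


def fake_resolver(host, port, proto=0):
    """getaddrinfo-shaped stand-in: numeric hosts pass through, others use FAKE_DNS."""
    try:
        ip = str(ipaddress.ip_address(host))
    except ValueError:
        if host not in FAKE_DNS:
            raise socket.gaierror(host)
        ip = FAKE_DNS[host]
    return [(socket.AF_INET, socket.SOCK_STREAM, proto, "", (ip, port))]
```

The check is only half the mitigation: the fetching code must also refuse to follow redirects blindly, since a redirect to a link-local address would otherwise re-open the same hole.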

While Microsoft has stated that the vulnerability has been addressed and that no action is required from customers, the incident highlights a critical issue: even though cross-tenant information cannot be accessed, the shared infrastructure supporting Copilot Studio could expose multiple customers to risk should an attacker gain elevated privileges within Microsoft’s internal systems.

This disclosure follows another recent report from Tenable detailing two patched vulnerabilities in Microsoft’s Azure Health Bot Service, which, if left unaddressed, could allow malicious actors to move laterally within customer environments to extract sensitive patient data. These incidents underscore an ongoing trend of vulnerabilities in major cloud services, compounding security concerns for organizations depending on these platforms.

In response to these vulnerabilities, Microsoft has announced that starting October 2024, it will mandate multi-factor authentication (MFA) for all Azure customers as part of its Secure Future Initiative. This requirement aims to enhance security by ensuring that MFA is necessary for signing into essential services, including the Azure portal and the Microsoft Entra admin center. The gradual enforcement of MFA for additional tools and services will commence in early 2025, further solidifying Microsoft’s commitment to strengthening its cybersecurity measures.

The attack described maps to several tactics and techniques in the MITRE ATT&CK framework, particularly under initial access and privilege escalation. Using SSRF as the route to unauthorized access reflects a detailed understanding of the underlying cloud infrastructure, which is typical of advanced persistent threats.

For business owners invested in defending against cybersecurity incidents, the Copilot Studio vulnerability is a reminder of the importance of robust security practices and of continual vigilance in safeguarding sensitive information. As threats evolve, comprehensive measures such as enforced MFA and regular vulnerability assessments become essential to maintaining a secure operating environment.
