Microsoft Copilot Studio Vulnerability

Recently, it was revealed that a serious vulnerability was discovered in Microsoft Copilot Studio, which could threaten the internal security of the company. This vulnerability, known as SSRF (server-side request forgery), could allow attackers to gain access to confidential data. Researchers from Tenable noticed that Copilot Studio has a feature that allows users to send HTTP requests.

They decided to test this feature and found that with minor modifications to the requests, they were able to bypass the SSRF protection. This allowed them to redirect requests to their own server and access internal data. Although the initially obtained information was not confidential, the researchers were able to extract access tokens, highlighting the seriousness of the issue.

Ultimately, they gained access to Azure subscriptions and were able to discover a Cosmos DB instance that they could access through Copilot. This vulnerability, designated CVE-2024-38206, was rated as critical with a score of 8.5 on the CVSS scale. After discovering the vulnerability, Tenable reported it to Microsoft, which quickly fixed the issue and confirmed that users do not need to take any action to receive the patch.

It is important to stay updated and use the latest versions of software to protect your data from such threats.