Microsoft Azure Health Bot Flaw Exposes Users to Privilege Escalation Attacks

Azure Health Bot Service, a cloud platform for AI-powered healthcare virtual assistants, suffered from critical vulnerabilities allowing unauthorized access to resources across different tenant environments. 

The potential for lateral movement within the service has been addressed by Microsoft through applied mitigations, requiring no user intervention. 

Azure Health Bot Service is a cloud-based platform enabling healthcare organizations to develop and deploy AI-driven virtual assistants that can interact with patients and handle administrative tasks, potentially accessing sensitive patient data based on bot configuration. 

The service aims to optimize workflows and reduce costs by automating processes and providing healthcare professionals with AI-powered support. 

Researchers identified a service feature named “Data Connections” during a security audit that enables bots to access external data sources, potentially including sensitive patient information or medical databases. 

They will investigate the potential security implications associated with this data exchange between the service and external systems. 

configuring a data connection

A server-side request forgery vulnerability was identified in a service allowing backend requests to third-party APIs. While intended protections blocked access to internal endpoints like Azure IMDS, redirect responses circumvented these controls. 

By manipulating the service’s scenario editor, attackers could force the service to make requests to arbitrary external hosts under their control, potentially leading to data exfiltration or other malicious activities. 

An attacker configured a server to redirect incoming requests to Azure’s Instance Metadata Service (IMDS) endpoint at http://169.254.169.254/metadata/instance?api-version=2021-12-13. 

This redirection could potentially allow the attacker to trick a compromised system into exposing its metadata, which might include information for obtaining an access token for accessing Azure resources like management.azure.com. 

attempt to obtain an access token.

A vulnerability allowed unauthorized access to Azure resources, while a token enabled listing subscriptions via the /subscriptions endpoint, revealing internal Microsoft subscription IDs. 

With the subscription ID, attackers could exploit another vulnerability in the /subscriptions/{subscriptionId}/resources endpoint to enumerate all resources within that subscription, potentially exposing hundreds of resources belonging to unintended users. 

The cross-tenant identifiers within service resources prompt an immediate halt to the investigation and reporting to MSRC on June 17th. MSRC validated the findings, initiating remediation across all regions, which was completed by July 2nd as no evidence of malicious exploitation was found. 

Tenable Research identified a new vulnerability in Microsoft’s FHIR endpoint, exploiting a similar attack vector to a previously patched issue. While this vulnerability allowed access to service internals, it did not enable cross-tenant access. 

Upon discovery, they immediately reported the issue to MSRC, adhering to their guidance on cross-tenant resource access. Microsoft released a patch addressing the vulnerability on July 12, and there’s no evidence of exploitation. 

Also Read:

Kaaviya
Kaaviyahttps://cyberpress.org/
Kaaviya is a Security Editor and fellow reporter with Cyber Press. She is covering various cyber security incidents happening in the Cyber Space.

Recent Articles

Related Stories

LEAVE A REPLY

Please enter your comment!
Please enter your name here