Tech News
Microsoft Copilot Studio Vulnerability Could Expose Sensitive Data
Microsoft’s AI flagship, Copilot Studio, was found to have a critical SSRF vulnerability that could potentially expose sensitive internal data to adversaries. Following a bug report, Microsoft promptly patched the flaw to ensure the security of its infrastructure.
SSRF Vulnerability Found In Microsoft Copilot Studio
A recent post from Tenable revealed a serious server-side request forgery (SSRF) vulnerability in Microsoft Copilot Studio.
Researchers discovered that a unique functionality of the tool allowed users to send HTTP requests as prompts. They tested this feature against Instance Metadata Service (IMDS) and Cosmos DB instances, eventually bypassing SSRF protection and accessing sensitive information.
The vulnerability, identified as CVE-2024-38206, received a critical severity rating and a CVSS score of 8.5. Tenable provided a detailed technical analysis of the vulnerability and its exploitation process.
Microsoft Patched The Vulnerability
Upon receiving the report from Tenable, Microsoft quickly addressed the vulnerability and credited the discovery to Evan Grant. The tech giant confirmed full mitigation in its advisory, requiring no action from users to receive the fix.
Share your thoughts in the comments section below.
Ditch storage limits with a 2TB lifetime cloud storage plan
German far-right party AfD could see historic gains in this election. Here’s why – National
3 Reasons to Grow Your Family’s Ability to Hope
Trump targets college affirmative action — DOJ, start here
Pachinko comedy adventure game Jump the Track announced
Everything new in Marvel Rivals Season 1.5 update
Get a $199 Scosche multi-device charging dock for just $39 right now
Germans Are Voting. Here’s What to Watch For.
GMR expects 50 mn passengers at Hyderabad airport by FY31, to invest INR 370 cr on cargo expansion, BA
Mass federal firings: Musk gives all federal workers 48 hours to explain what they did last week
Singapore Airlines CEO set to join board of Air India, BA News, BA
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Croatia to reintroduce compulsory military draft as regional tensions soar
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
Satisfy Your Meat and BBQ Cravings While in Texas
The Top 20 Motivational Instagram Accounts to Follow (2024)
15 Best Magnetic Tile Race Tracks for Kids!
15 of the Best Trike & Tricycles Mums Recommend
Soccer team’s drone at center of Paris Olympics spying scandal
Have Unlimited Korean Food at MANY Unlimited Topokki!
-
Destination5 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News9 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Breaking News6 months agoCroatia to reintroduce compulsory military draft as regional tensions soar
-
Gaming6 months agoThe Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Guides & Tips7 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Motivation9 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Toys7 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Toys8 months ago15 of the Best Trike & Tricycles Mums Recommend