Two security vulnerabilities in Microsoft's Azure Health Bot Service were discovered by a team of researchers, and could have allowed access to sensitive health data.
A new report shared with The Hacker News highlights the two vulnerabilities, which Microsoft has now patched. According to the report, the vulnerabilities, when exploited, could have enabled a bad actor to gain access to sensitive patient data. The Azure Health Bot Service enables developers in healthcare organizations to easily build AI virtual health assistants that patients can interact with, and that can also be used to offload administrative tasks.
These services are also used by insurance providers, letting customers query the AI chatbot for answers about their personal insurance claims, any benefits they may be entitled to, and available services. Tenable's research found the vulnerability in a component of the Azure AI Health Service called Data Connections. Reports indicate this mechanism is responsible for integrating data from third-party sources through an API.
"The vulnerabilities raise concerns about how chatbots can be exploited to reveal sensitive information," Tenable said in a statement. "In particular, the vulnerabilities involved a flaw in the underlying architecture of the chatbot service, highlighting the importance of traditional web app and cloud security in the age of AI chatbots."
Tenable found that the API's security protections could be bypassed, giving the user access. As for the other vulnerability, Tenable found that an endpoint for integrating systems with the Fast Healthcare Interoperability Resources (FHIR) data exchange format was also vulnerable to the same attack as the API vulnerability.
"A threat actor could have used such access to perform privilege elevation to Global Administrator and install further means of persistence in a tenant," security researcher Eric Woodruff said. "An attacker could also use this access to perform lateral movement into any system in Microsoft 365 or Azure, as well as any SaaS application connected to Entra ID."
"An authenticated attacker can exploit a Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network," said Microsoft in an advisory released on August 13, 2024.
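The class of flaw Microsoft names above, Server-Side Request Forgery, arises when a feature such as a third-party "data connection" lets a user supply the URL the service will fetch on their behalf. The added example below is not code from Tenable, Microsoft or the Azure Health Bot Service; it is a generic defensive check that a backend could run before performing such a fetch. It assumes hypothetical function names (`validate_destination`, `validate_redirect`, `make_static_resolver`), a constructed block list of addresses (the cloud instance metadata address 169.254.169.254 plus loopback, private and link-local ranges), and constructed hostnames such as `api.example.org`. It resolves the hostname first and checks every returned address, rejects IPv4-mapped IPv6 forms of blocked addresses, and re-validates redirect targets, since an allowed host that redirects to an internal address is a common way such checks are bypassed.

```python
import ipaddress
import socket
from urllib.parse import urljoin, urlparse

# Constructed, illustrative deny-list: a server-side fetch on a user's behalf
# must never reach these. 169.254.0.0/16 covers the cloud instance metadata
# service (169.254.169.254); the rest are loopback, private and link-local.
BLOCKED_NETWORKS = [
    ipaddress.ip_network("0.0.0.0/8"),
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("169.254.0.0/16"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("::1/128"),
    ipaddress.ip_network("fc00::/7"),
    ipaddress.ip_network("fe80::/10"),
]
ALLOWED_SCHEMES = {"https"}


class UnsafeDestination(Exception):
    """Raised when a URL must not be fetched server-side."""


def is_blocked_ip(ip_text):
    """True if the IP string falls in a blocked range. IPv4-mapped IPv6
    addresses (::ffff:169.254.169.254) are unwrapped and checked as IPv4."""
    addr = ipaddress.ip_address(ip_text)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def dns_resolver(host):
    """Default resolver: all A/AAAA answers for host, via the system resolver."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def make_static_resolver(table):
    """Hypothetical helper for tests: resolves hosts from a dict, accepts IP
    literals as themselves, and fails like DNS for anything unknown."""
    def resolve(host):
        if host in table:
            return list(table[host])
        try:
            ipaddress.ip_address(host)
        except ValueError:
            raise socket.gaierror(f"constructed resolver: unknown host {host}")
        return [host]
    return resolve


def validate_destination(url, resolver=None):
    """Return (hostname, pinned_ip) if url may be fetched, else raise
    UnsafeDestination. The caller should connect to pinned_ip (sending the
    hostname as the Host/SNI value) so a second DNS lookup cannot rebind."""
    resolver = resolver or dns_resolver
    parsed = urlparse(url)
    if parsed.scheme not in ALLOWED_SCHEMES:
        raise UnsafeDestination(f"scheme not allowed: {parsed.scheme!r}")
    if parsed.username or parsed.password:
        raise UnsafeDestination("credentials embedded in URL are not allowed")
    host = parsed.hostname
    if not host:
        raise UnsafeDestination("URL has no host")
    try:
        ips = resolver(host)
    except OSError as exc:  # socket.gaierror is a subclass of OSError
        raise UnsafeDestination(f"cannot resolve {host}") from exc
    if not ips:
        raise UnsafeDestination(f"no addresses for {host}")
    # Every answer is checked: one public and one private answer is still unsafe.
    for ip in ips:
        if is_blocked_ip(ip):
            raise UnsafeDestination(f"{host} resolves to blocked address {ip}")
    return host, ips[0]


def validate_redirect(current_url, location, resolver=None):
    """Resolve a Location header against the current URL and validate the
    absolute target exactly like the original request. Returns the target URL."""
    target = urljoin(current_url, location)
    validate_destination(target, resolver)
    return target


if __name__ == "__main__":
    # Constructed lookup table so this runs offline.
    resolver = make_static_resolver({"api.example.org": ["203.0.113.10"]})
    print(validate_destination("https://api.example.org/fhir/Patient", resolver))
    for bad in ("https://169.254.169.254/metadata/instance", "http://api.example.org/"):
        try:
            validate_destination(bad, resolver)
        except UnsafeDestination as exc:
            print("rejected:", exc)
```

The check is only as good as what the fetch does afterwards: redirects must be disabled in the HTTP client (or each hop passed through `validate_redirect`), and the connection should go to the pinned address rather than re-resolving the name. A per-tenant allow-list of approved partner hosts is stricter still, and is the better default for a feature whose only purpose is to reach known third-party APIs.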