{"id":3351,"date":"2025-05-28T13:31:50","date_gmt":"2025-05-28T13:31:50","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3351"},"modified":"2025-05-28T13:31:50","modified_gmt":"2025-05-28T13:31:50","slug":"if-you-use-onedrive-to-upload-files-to-chatgpt-or-zoom-dont","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3351","title":{"rendered":"If you use OneDrive to upload files to ChatGPT or Zoom, don\u2019t"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Using Microsoft OneDrive to upload a file to ChatGPT, Slack, or Zoom could lead to a user handing over access to more than just that one file.<\/p>\n<p>According to Oasis Security research, applications using Microsoft\u2019s official OneDrive File Picker may, in certain circumstances, get full read access to a OneDrive account in addition to write access.<\/p>\n<p>\u201cThe core issue here is with Microsoft\u2019s OneDrive File Picker, which requests broad access to a user\u2019s entire OneDrive \u2013 even when the user is just trying to upload a single file,\u201d said Vijay Dilwale, principal security consultant at Black Duck. 
\u201cThe user experience makes it seem like only the selected file is being shared, but in reality, the app often gets full read (and sometimes write) access to everything.\u201d<\/p>\n<p>OneDrive File Picker is a Microsoft-provided tool that lets websites and web apps integrate with a user\u2019s OneDrive account to allow uploading, browsing, and selecting OneDrive files directly from the app.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>An over-privileged OAuth trap<\/h2>\n<p>This broad access stems from a limitation in Microsoft\u2019s <a href=\"https:\/\/www.csoonline.com\/article\/562635\/what-is-oauth-how-the-open-authorization-framework-works.html\">OAuth implementation<\/a> within File Picker that researchers described as \u201ca lack of fine-grained permissions scopes.\u201d<\/p>\n<p>Jason Soroko, senior fellow at Sectigo, calls the oversight an over-privileged OAuth trap. \u201cMicrosoft\u2019s OneDrive File Picker encourages third-party web apps to request broad files,\u201d he said. 
\u201cOnce issued, those long-lived tokens are often cached in localStorage or back-end databases without any encryption, potentially allowing attackers to trawl an entire tenant\u2019s data.\u201d<\/p>\n<p>OneDrive File Picker\u2019s OAuth implementation requests broad scopes rather than fine-grained, file-level scopes that would let users and developers restrict access to only the files explicitly selected.<\/p>\n<p>According to Oasis, all versions of the OneDrive File Picker request permissions that allow them to read the user\u2019s entire OneDrive drive for the \u201cupload\u201d process and write to anywhere on the drive for the \u201cdownload\u201d process.<\/p>\n<p>However, version 7.0 of the File Picker in particular requests both read and write permissions for the upload process.<\/p>\n<p>\u201cThe lack of fine-grained scopes for the file picker use case makes it impossible for users to distinguish between malicious apps that target all your files and legit apps that ask for excessive permissions just because there is no other secure option,\u201d researchers said in a blog <a href=\"https:\/\/oasis-security-staging-9d3df4e21bc5a150.webflow.io\/resources\/blog\/onedrive-file-picker-security-flaw-oasis-research\">post<\/a>.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Web app vendors aren\u2019t off the hook<\/h2>\n<p>This could be bad news for security teams, according to Eric Schwake, director of cybersecurity strategy at Salt Security. \u201cSensitive secrets required for this access are often stored in an insecure manner by default,\u201d Schwake said. 
\u201cThis situation presents a key API security challenge for security teams, and with services like ChatGPT heavily depending on APIs to access and handle user data, this poses an even greater risk.\u201d<\/p>\n<p>A third-party web application that ends up holding \u201cunintentional\u201d user data because of this situation becomes a target for threat actors and could potentially run afoul of compliance rules just by having that level of access.<\/p>\n<p>Oasis notes that apps such as ChatGPT (which uses File Picker v8.0), ClickUp, Trello, Zoom, and Slack are potentially affected. Even apps like Phenome, a recruitment tool, could unintentionally expose confidential files if users upload resumes from corporate accounts.<\/p>\n<p>\u201cVendors developing Web apps are at risk, as security incidents could result in severe consequences, leaking a lot of files from a lot of their users,\u201d Oasis researchers noted.<\/p>\n<h2 class=\"wp-block-heading\"><a><\/a>Certain steps are key while Microsoft looks into the issue<\/h2>\n<p>Oasis reported that it had contacted Microsoft, which acknowledged the report and indicated that it may consider making improvements in the future.<\/p>\n<p>Microsoft did not respond to queries about the issue.<\/p>\n<p>In the meantime, Oasis recommended a few mitigation steps for web apps, which include removing the option to upload files from OneDrive through OAuth until Microsoft fixes the issue, and exploring simpler workarounds such as supporting shared \u201cview only\u201d file links from OneDrive.<\/p>\n<p>Oasis also noted that the File Picker solutions of other file hosting services such as Google Drive and Dropbox can be used as an alternative, as they do not suffer from this issue.<\/p>\n<p>\u201cUsers should assume that every SaaS plug-in they authorize has the keys to their personal or enterprise crown jewels unless proven otherwise,\u201d Soroko said. 
\u201cSecurity teams should enforce \u2018admin consent\u2019 or <a href=\"https:\/\/www.csoonline.com\/article\/567407\/how-to-use-the-new-microsoft-365-business-conditional-access-feature.html\">conditional-access<\/a> policies that block apps requesting anything beyond Files.Read.\u201d Schwake added that avoiding extensive data exposure requires stronger API governance to ensure all API permissions are meticulously managed, including sticking to <a href=\"https:\/\/www.csoonline.com\/article\/549002\/security-computer-security-why-have-least-privilege.html\">least privilege<\/a> and handling tokens securely.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Using Microsoft OneDrive to upload a file to ChatGPT, Slack, or Zoom could lead to a user handing over access to more than just that one file. According to Oasis Security research, applications using Microsoft\u2019s official OneDrive File Picker may get full read access to a OneDrive account in addition to write access, in 
[&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":3352,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3351","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3351"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3351"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3351\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3352"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}