Microsoft has disclosed and patched a novel security flaw in Azure Health Bot, a managed AI-powered cloud platform that healthcare organizations use to build virtual healthcare assistants. Researchers have explained how they gained access and how the flaw was quickly fixed.
WHY IS THIS IMPORTANT
The HIPAA-compliant Health Bot platform combines medical data with natural language capabilities to understand clinical terminology that can be used in clinical care, Microsoft said on its website.
Healthcare organizations can operate Health Bot to create personalized virtual assistants for clinical staff.
On August 13, Microsoft assigned the flaw CVE-2024-38098, classifying it as an elevation of privilege vulnerability caused by improper link resolution before a file is accessed. In the report, Microsoft said the vulnerability has not been publicly disclosed or exploited and that exploitation is unlikely.
Tenable researchers obtained an access token for management.azure.com that allowed them to view a list of subscriptions they had access to through an application programming interface, which gave them an internal Microsoft subscription ID, they said Wednesday.
Researchers reportedly contacted Microsoft on June 17, and patches were deployed to the affected environments by July 2. The vulnerability was fixed by rejecting redirect status codes for data connection endpoints.
In the company blog Tenable researchers said Tuesday they discovered multiple privilege escalation issues in Azure Health Bot via server-side request forgery, allowing researchers to access cross-tenant resources.
Tenable said its researchers were interested in data connections, which allow bots to interact with external data sources to pull information from other services a provider might operate — “such as a patient information portal or a general medical information reference database.”
“Given the level of access granted, it is likely that lateral movement to other resources would be possible,” the researchers said.
They said they also found another endpoint, used to validate data connections for Fast Healthcare Interoperability Resources (FHIR) endpoints, that was “more or less vulnerable to the same attack.” However, the FHIR endpoint vector did not provide the same degree of request control or access.
Six of the nine zero-day vulnerabilities in Microsoft's August report were also exploited, according to the company.
BIGGER TREND
The U.S. Department of Health and Human Services requires FHIR APIs in all certified electronic health record systems, which Azure Health Bot can access, as outlined in its Health Informatics Certification Program.
Because FHIR is a framework, discovered vulnerabilities are typically traced to how data and application developers implement it. The FHIR standard is widely adopted as part of the future of healthcare interoperability.
In June, the Office of the National Coordinator for Healthcare Technology and the Health Resources and Services Administration announced that HRSA had begun using FHIR-based APIs to streamline reporting processes and improve data quality. It has been receiving live data reports from its Unified Data System since April.
“This [United States Core Data for Interoperability, a standardized set of health data classes and elements] and Bulk FHIR are designed to provide the digital glue for a learning-driven healthcare system and fully computable accountability for provider outcomes in a newfangled, big-data-driven way,” said Don Rucker, former ONC CEO and chief strategy officer at 1UpHealth, at the time of the agency’s announcement.
IN THE DOCUMENT
“This data connection feature is designed to allow the service backend to make requests to third-party APIs,” Tenable researchers wrote in a blog post.
“When testing these data connections to verify that they could interact with internal service endpoints, Tenable researchers discovered that many common endpoints, such as Azure’s Internal Metadata Service, were appropriately filtered or unavailable. However, upon closer inspection, they discovered that issuing redirect responses (e.g., 301/302 status codes) allowed these mitigations to be bypassed.”
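The two defenses the report describes, filtering internal destinations such as the metadata service and rejecting redirect status codes outright for data connections, as an added example in Python. This is not Tenable's or Microsoft's code; the hostnames, the 203.0.113.x addresses, the blocked-range list and the fake resolver and transport are constructed fixtures so it runs offline.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Ranges an outbound data connection must never reach (constructed for this example): loopback,
# RFC 1918 and link-local, the last of which contains the 169.254.169.254 metadata address.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]
REDIRECT_CODES = {301, 302, 303, 307, 308}

def destination_allowed(url, resolve=socket.gethostbyname):
    """True only for http(s) URLs whose host resolves outside BLOCKED_NETWORKS. A real
    client should also pin the resolved address for the connection (DNS rebinding)."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        addr = ipaddress.ip_address(resolve(parts.hostname))
    except (OSError, ValueError):
        return False
    return not any(addr in net for net in BLOCKED_NETWORKS)

def fetch_data_connection(url, send, resolve=socket.gethostbyname):
    """send(url) -> (status, headers, body) must not follow redirects. Any 3xx is rejected,
    mirroring the fix: checking the first hop only is not enough, since Location can point inward."""
    if not destination_allowed(url, resolve):
        raise PermissionError(f"destination not allowed: {url}")
    status, headers, body = send(url)
    if status in REDIRECT_CODES:
        raise PermissionError(f"redirect {status} to {headers.get('Location')} rejected")
    return status, body

# Constructed offline fixtures: a fake resolver and a fake transport (no network needed).
SAMPLE_DNS = {"fhir.example.test": "203.0.113.10", "redirector.example.test": "203.0.113.20"}
def sample_resolve(host):
    return SAMPLE_DNS.get(host, host)  # IP literals "resolve" to themselves

def sample_send(url):
    if url.startswith("https://redirector.example.test/"):
        return 302, {"Location": "http://169.254.169.254/metadata/instance"}, b""
    return 200, {"Content-Type": "application/fhir+json"}, b'{"resourceType": "Patient"}'

def outcome(url):
    # 'ok' when the fetch succeeds, otherwise the rejection message
    try:
        fetch_data_connection(url, sample_send, sample_resolve)
        return "ok"
    except PermissionError as exc:
        return str(exc)
```

Running outcome() over a direct FHIR URL, a redirecting URL, a metadata-service URL and a file: URL shows only the first one succeeding.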
