NHI Forum

OneDrive Exploit Explained — How File Picker Access Can Lead to Massive Data Exposure


(@oasis-security)
Estimable Member
Joined: 4 months ago
Posts: 46
Topic starter  

Read full article here: https://www.oasis.security/blog/onedrive-file-picker-security-flaw-oasis-research/?utm_source=nhimg

 

Oasis Security’s research team has discovered a critical vulnerability in Microsoft’s OneDrive File Picker that allows websites and applications to access a user’s entire OneDrive storage—not just the specific files selected during upload. This flaw impacts hundreds of widely used apps, including ChatGPT, Slack, Trello, and ClickUp, potentially exposing millions of personal and enterprise users to serious data leakage and compliance violations.

Upon discovery, Oasis Security promptly reported the issue to Microsoft and notified affected vendors. Microsoft has acknowledged the report and is exploring updates to improve OAuth scope precision and better align user consent prompts with actual data access levels.

 

Understanding the OneDrive File Picker Flaw

The OneDrive File Picker is designed to allow users to upload or share specific files from their OneDrive account through third-party web applications. However, Oasis Security researchers found that the current implementation grants full read access to the user’s entire OneDrive, far beyond what is necessary for basic file uploads.

This means any app integrated with the File Picker could theoretically view all files and folders within a user’s OneDrive account, creating a massive privacy and security risk.

 

Key Issues Identified

  1. Excessive Permissions in OneDrive File Picker

The OneDrive File Picker requests broad OAuth permissions that cover full drive access, due to the lack of fine-grained scope control in Microsoft’s implementation.

Even when users select a single file for upload, the File Picker’s OAuth consent prompt is vague and fails to communicate the true extent of access being granted. Most users unknowingly approve full-drive access without understanding the risk.

This lack of transparency creates an environment where:

  • Benign apps appear overprivileged, even if they only need access to specific files.
  • Malicious apps can exploit this model to access all user data under the guise of legitimate use.
  • Users and organizations cannot easily distinguish safe integrations from dangerous ones.

 

  2. Insecure Storage of Sensitive Secrets

The security problem is compounded by how sensitive tokens are stored and managed within applications using the File Picker.

The latest OneDrive File Picker (v8.0) requires developers to handle authentication through the Microsoft Authentication Library (MSAL), often using the OAuth Authorization Code Flow. Oasis researchers found multiple weaknesses in this setup:

  • Access tokens are stored in plain text within the browser’s session storage.
  • The use of refresh tokens extends access duration, making it harder to revoke compromised tokens.
  • These tokens can be extracted if the browser or application is compromised.

Notably, OpenAI’s ChatGPT and other major applications use File Picker v8.0, meaning millions of active users may already have unknowingly exposed their data.

 

Security Impact

The implications of this flaw are significant:

  • Enterprise Data Exposure: Corporate files, shared folders, and confidential documents may be accessible to third-party applications.
  • Compliance Violations: Organizations under regulations like GDPR, HIPAA, or SOC 2 could face compliance breaches if sensitive data is unintentionally exposed.
  • Supply Chain Risks: Applications with legitimate OneDrive integrations could become indirect attack vectors.

 

Mitigation Recommendations from Oasis Security

For Individual Users:

  1. Review Granted App Permissions:
    • Log in to your Microsoft Account.
    • Go to Privacy → App Access → Manage Apps.
    • Review the list of connected apps and click Details to view scopes and permissions.
    • Revoke access to any unfamiliar or unnecessary apps.
  2. Stop Sharing Access:
    • Use the “Stop Sharing” option to revoke an app’s access token.
    • Note: Access Tokens expire in about one hour, but this action also invalidates any active Refresh Tokens.

 

For Organizations:

  1. Audit Third-Party Integrations:
    • In the Microsoft Entra Admin Center, review all enterprise applications.
    • Inspect the Permissions tab for each app to identify excessive delegated scopes.
    • Track the user or service principal who granted the permissions.
  2. Enforce Conditional Access Policies:
    • Implement strict approval workflows for apps requesting OneDrive access.
    • Limit permissions to least privilege and revoke unused delegations.
  3. Monitor for File Picker Usage:
    • Attempt to upload or download files through your applications.
    • When the consent prompt appears, check for OneDrive access scopes.

 

For Developers and Web App Vendors:

Oasis Security recommends temporarily removing OneDrive File Picker integrations via OAuth until Microsoft provides a more secure solution. In the interim:

  • Avoid requesting the offline_access scope.
  • Do not store refresh tokens or long-lived credentials.
  • Store access tokens securely, and delete them immediately after use.
  • Consider implementing view-only shared links as a safer alternative to file uploads.

If full removal is not possible:

  • Encrypt tokens at rest.
  • Implement session-based access controls.
  • Periodically revalidate permissions and purge old access tokens.

 

Microsoft’s Response

Following Oasis Security’s report, Microsoft stated it is evaluating improvements to OneDrive’s OAuth permission model to reduce over-privileged scopes and enhance user consent clarity.

While Microsoft has not yet issued a formal patch timeline, the company acknowledged the security gap and the potential risk it poses to users and developers worldwide.

 

The Bigger Picture: OAuth and the Hidden Risks of Over-Privilege

This discovery underscores a growing challenge in modern identity security: excessive OAuth permissions and lack of transparency in delegated access models.
As identity boundaries blur between cloud platforms and third-party integrations, machine identities, like tokens, apps, and APIs, often become the weakest link.

Without fine-grained scopes and proper token hygiene, these integrations create a shadow access ecosystem that attackers can exploit to gain persistent access to sensitive data.

 

Conclusion

The OneDrive File Picker vulnerability highlights the urgent need for stronger identity and access governance in the era of interconnected apps and automation. Excessive permissions, poor visibility, and insecure token storage are creating a new class of security blind spots that impact both individuals and enterprises.

Organizations must act now: review app permissions, enforce least privilege, and adopt automated identity management to mitigate risks before exploitation occurs.

Oasis Security continues to work closely with cloud vendors and enterprises to strengthen Non-Human Identity (NHI) security and protect the integrity of digital ecosystems.


This topic was modified 3 days ago by Abdelrahman
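The audit of delegated permissions described under "For Organizations" above, as an added example that is not code from the Oasis post or from Microsoft: it assumes grants have been exported from Microsoft Graph's oauth2PermissionGrant objects (clientId, consentType, principalId, scope), and the sample records are constructed.

```javascript
// Added example, not code from the Oasis post or from Microsoft. It triages
// delegated OAuth grants exported from Microsoft Graph oauth2PermissionGrant
// objects (clientId, consentType, principalId, scope) and flags apps holding
// drive-wide or long-lived OneDrive access. The records below are constructed.
const SAMPLE_GRANTS = [
  { clientId: "app-upload-widget", consentType: "Principal", principalId: "u-17",
    scope: "Files.Read offline_access User.Read" },
  { clientId: "app-kanban", consentType: "AllPrincipals", principalId: null,
    scope: "Files.ReadWrite.All offline_access" },
  { clientId: "app-profile-only", consentType: "Principal", principalId: "u-42",
    scope: "User.Read openid profile" },
  { clientId: "app-sync-only", consentType: "Principal", principalId: "u-42",
    scope: "User.Read offline_access" },
];

// Files.Read / Files.ReadWrite cover the user's whole drive; the .All variants
// add files shared with the user. Neither is needed to upload one chosen file.
const DRIVE_WIDE_SCOPE = /^Files\.(Read|ReadWrite)(\.All)?$/;
const SEVERITY_RANK = { high: 0, medium: 1, ok: 2 };

function assessGrant(grant) {
  const scopes = grant.scope.split(/\s+/).filter(Boolean);
  const broad = scopes.filter((s) => DRIVE_WIDE_SCOPE.test(s));
  const findings = [];
  if (broad.length) findings.push(`drive-wide access: ${broad.join(", ")}`);
  // offline_access means refresh tokens were issued, so access outlives the
  // roughly one-hour access token and survives until the grant is revoked.
  if (scopes.includes("offline_access")) findings.push("offline_access (refresh tokens issued)");
  // Tenant-wide admin consent multiplies the blast radius of a broad grant.
  if (grant.consentType === "AllPrincipals" && broad.length)
    findings.push("tenant-wide consent for a drive-wide scope");
  const severity = broad.length ? "high" : findings.length ? "medium" : "ok";
  return { clientId: grant.clientId, principalId: grant.principalId, severity, findings };
}

// Drop clean grants and order the rest so drive-wide access is reviewed first.
function auditGrants(grants) {
  return grants
    .map(assessGrant)
    .filter((r) => r.severity !== "ok")
    .sort((a, b) => SEVERITY_RANK[a.severity] - SEVERITY_RANK[b.severity]);
}
```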
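The developer recommendations under "For Developers and Web App Vendors" above (no offline_access, no stored refresh tokens, tokens deleted right after use), as an added example that is not code from the Oasis post or from Microsoft's MSAL: a minimal in-memory token holder that fails closed, assuming token responses have the standard OAuth 2.0 shape.

```javascript
// Added example, not code from the Oasis post or from Microsoft's MSAL.
// An in-memory holder for a OneDrive access token that enforces the post's
// developer recommendations: refuse long-lived credentials, keep the token
// out of sessionStorage/localStorage, and purge it once the upload is done.
// Token responses are assumed to have the standard OAuth 2.0 shape
// (access_token, expires_in, scope, optional refresh_token).
class EphemeralToken {
  #token = null;     // private field: not enumerable or reachable via window
  #expiresAt = 0;

  // Accept a token response only if it carries no long-lived credential.
  // Fail closed: a refresh token or offline_access means the app was granted
  // more than a one-off upload needs, so the token is not retained at all.
  accept(tokenResponse, now = Date.now()) {
    if (tokenResponse.refresh_token !== undefined)
      throw new Error("refused: response carries a refresh token");
    const scopes = (tokenResponse.scope || "").split(/\s+/);
    if (scopes.includes("offline_access"))
      throw new Error("refused: offline_access was granted");
    this.#token = tokenResponse.access_token;
    this.#expiresAt = now + tokenResponse.expires_in * 1000;
    return true;
  }

  // Run exactly one operation with the bearer header, then wipe the token
  // whether the operation succeeded or threw.
  useOnce(operation, now = Date.now()) {
    if (this.#token === null || now >= this.#expiresAt) {
      this.purge();
      throw new Error("no valid access token held");
    }
    try {
      return operation(`Bearer ${this.#token}`);
    } finally {
      this.purge();
    }
  }

  purge() { this.#token = null; this.#expiresAt = 0; }
  get isHeld() { return this.#token !== null; }
}
```

If `operation` returns a promise, the header string has already been handed to it before `purge()` runs; the holder only guarantees that nothing retains the token after the call.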

   