Microsoft OneDrive File Picker Flaw Gives Apps Full Access to User Cloud Data

Microsoft OneDrive File Picker Grants Over-Permissioned Access to Hundreds of Apps, Exposing User Data
A new investigation by Oasis Security has uncovered a significant privacy flaw in Microsoft’s OneDrive File Picker, a feature integrated with hundreds of popular web applications including ChatGPT, Slack, Trello, and ClickUp. The flaw enables connected applications to gain overly broad access to users’ cloud data—far beyond what users expect or consent to.
The issue lies in how the OAuth permission model is implemented in the File Picker. Instead of restricting access to just the files users choose to upload or share, OAuth scopes grant full read or write access to a user’s entire OneDrive. Worse, that access can persist long after the initial file transfer.
A Hidden Threat in Plain Sight
OAuth is the industry-standard protocol for delegated access between services. But in this case, OneDrive lacks fine-grained permission scopes—unlike competing services like Google Drive and Dropbox, which offer precise controls down to specific files or folders.
While the consent screen users see suggests access limited to the files they pick, the scope actually granted covers the entire contents of the drive, a major discrepancy that exposes users to silent data overreach.
“The File Picker’s permissions model is fundamentally flawed—it gives third-party apps the keys to the entire drive when the user just wants to upload a single file,” said Oasis in their unreleased blog post.
Legacy Issues Add to the Risk
Compounding the issue, older versions (6.0–7.2) of the OneDrive File Picker used outdated authentication flows that left access tokens in browser localStorage or in the URL fragment. Both are readable by any script running on the page (an XSS payload or a malicious browser extension, for example); localStorage additionally persists across tabs and browser restarts until explicitly cleared, and a token in the URL fragment lingers in browser history.
While version 8.0 adopts a more modern design, it still keeps tokens in browser sessionStorage in plain text. That narrows the exposure (sessionStorage is per tab and is discarded when the tab closes) but does not remove it: any script on the same origin can still read the token for as long as the tab is open.
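An added example (not code from Oasis, Microsoft, or the File Picker) showing the check a developer or tester would run for the token-handling problem described above: a small audit that scans Web Storage and the URL fragment for bearer tokens, beside the in-memory alternative that keeps the token out of both. The storage key names, the JWT-shaped value and the URLs are constructed samples, not the picker's real names or tokens; the patterns only approximate what a token looks like, so treat hits as leads to inspect rather than proof.

```javascript
// Added example, not the File Picker's own code. Looks for bearer tokens left
// in Web Storage or in the URL fragment (the two places the article says
// older picker versions put them) and shows the in-memory alternative.
// Storage areas are passed in as plain {key: value} objects so the same code
// runs in Node on constructed samples or in a browser DevTools console on the
// real localStorage / sessionStorage. All keys, values and URLs below are
// constructed for the demo; none is a real picker key or a real token.

// Three base64url segments starting with "eyJ" is the shape of a JWT.
const JWT_SHAPE = /^eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/;
// Keys an implementation typically uses when it stashes a token.
const TOKEN_KEY = /(access|id|refresh)[_-]?token|bearer/i;
// Implicit-flow style parameters delivered in the URL fragment.
const FRAGMENT_PARAMS = ["access_token", "id_token", "refresh_token"];

// Scan one storage area for token-like entries.
function scanStorage(area, name) {
  const findings = [];
  for (const [key, value] of Object.entries(area)) {
    const v = String(value);
    if (JWT_SHAPE.test(v)) {
      findings.push({ where: name, key, kind: "jwt-shaped value" });
    } else if (TOKEN_KEY.test(key)) {
      findings.push({ where: name, key, kind: "token-named key" });
    }
  }
  return findings;
}

// Scan the URL fragment (never sent to the server, but kept in history and
// readable by page scripts) for token parameters.
function scanFragment(url) {
  const hash = new URL(url).hash.replace(/^#/, "");
  const params = new URLSearchParams(hash);
  return FRAGMENT_PARAMS.filter((p) => params.has(p)).map((p) => ({
    where: "url-fragment", key: p, kind: "token in fragment",
  }));
}

// Combine the three checks over a snapshot of the browser state.
function findExposedTokens({ localStorage = {}, sessionStorage = {}, url }) {
  return [
    ...scanStorage(localStorage, "localStorage"),
    ...scanStorage(sessionStorage, "sessionStorage"),
    ...(url ? scanFragment(url) : []),
  ];
}

// Hardened alternative: hold the token in a closure (memory only) together
// with its expiry; nothing is ever written to storage or the URL.
function createTokenVault() {
  let token = null;
  let expiresAt = 0;
  return {
    set(accessToken, expiresInSeconds) {
      token = accessToken;
      expiresAt = Date.now() + expiresInSeconds * 1000;
    },
    get() { return Date.now() < expiresAt ? token : null; },
    clear() { token = null; expiresAt = 0; },
  };
}

// Constructed snapshot resembling the legacy pattern the article describes:
// a JWT-shaped value in localStorage, a token-named key in sessionStorage,
// and an implicit-flow token in the fragment.
const legacySnapshot = {
  localStorage: { "picker.auth": "eyJhbGciOiJub25lIn0.eyJzdWIiOiJkZW1vIn0.sig", theme: "dark" },
  sessionStorage: { oauth_access_token: "opaque-sample-value" },
  url: "https://app.example/callback#access_token=sample&token_type=Bearer&expires_in=3600",
};

// Constructed snapshot of the hardened pattern: token only in the vault.
const vault = createTokenVault();
vault.set("sample-in-memory-token", 3600);
const hardenedSnapshot = { localStorage: { theme: "dark" }, sessionStorage: {}, url: "https://app.example/callback" };

function main() {
  for (const f of findExposedTokens(legacySnapshot)) {
    console.log(`legacy: ${f.kind} at ${f.where}[${f.key}]`);
  }
  console.log(`hardened findings: ${findExposedTokens(hardenedSnapshot).length}`);
}
main();
```

In a browser, run the audit from the DevTools console of the page that embeds the picker with the real areas: `findExposedTokens({ localStorage: { ...localStorage }, sessionStorage: { ...sessionStorage }, url: location.href })`. The vault is the pattern the developer recommendations at the end of the article ask for: the token lives only in a closure, carries its expiry, and disappears on reload, so the app must re-acquire it rather than read back a plaintext copy from storage.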
Scale of Exposure: ChatGPT, Trello, Slack Users Affected
Oasis estimates that hundreds of applications leverage OneDrive’s File Picker integration, potentially placing millions of users at risk. Applications like ChatGPT, which supports OneDrive uploads, have massive user bases—ChatGPT alone reportedly sees over 400 million active users per month.
Unless manually revoked, many of these apps retain persistent access to user cloud storage, creating a long-term exposure vector with little user awareness or control.
Microsoft’s Response: “Working as Designed”
Oasis reported the flaw to Microsoft and major app vendors ahead of public disclosure. Microsoft acknowledged the findings but noted that the system is functioning as intended.
In other words, there are no current plans to implement more restrictive permission scopes or to clarify consent screens—leaving the burden on users and developers to safeguard their data.
Expert Commentary: “A Serious API Security Challenge”
Eric Schwake, Director of Cybersecurity Strategy at Salt Security, warned of the broader implications:
“This research points to a major privacy risk. Because the OAuth scopes in the OneDrive File Picker are too broad, apps can access an entire drive, not just selected files.”
“Combined with insecure token storage, this presents a serious API security challenge. Organizations need strict governance, granular permissions, and secure token practices to protect user data.”
What Users Can Do Now
To reduce risk, users should regularly review which apps have access to their Microsoft account and revoke unnecessary or suspicious permissions.
How to Check App Permissions:
- Visit https://account.microsoft.com and sign in.
- Navigate to the “Privacy” section.
- Scroll to “Apps and Services” you’ve connected.
- Click “Details” to view app permissions.
- Use “Remove these permissions” or “Stop sharing” to revoke access.
Recommendations for Enterprises and Developers
For Companies:
- Use Microsoft Entra Admin Center to audit app permissions at the enterprise level.
- Review service principals and enforce least-privilege access.
- Consider using Azure CLI or automation tools to flag over-permissioned apps.
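An added example, not Microsoft's tooling or Oasis's code, of the Azure CLI based check the last bullet suggests: a script that takes the JSON Microsoft Graph returns for delegated permission grants and flags any grant whose scopes reach a user's whole OneDrive. Assumptions, since the article names no scope: the grants that amount to "the entire drive" are taken to be the Files.Read.All / Files.ReadWrite.All (and the broader Sites.*.All) Microsoft Graph scopes, and the app and grant records below are constructed samples with made-up IDs and names.

```javascript
// Added example (not Microsoft's or Oasis's code): audit Microsoft Graph
// delegated-permission grants for scopes that reach a user's whole OneDrive.
// Inputs are the `value` arrays returned by Graph's /v1.0/oauth2PermissionGrants
// and /v1.0/servicePrincipals?$select=id,displayName endpoints (for example
// via `az rest`). The records below are constructed samples with fake IDs/names.
//
// Assumption: the article names no scope; Files.Read.All / Files.ReadWrite.All
// (and the Sites.* equivalents) are taken to be the "entire drive" scopes.
const BROAD_SCOPES = new Set([
  "Files.Read.All",
  "Files.ReadWrite.All",
  "Sites.Read.All",
  "Sites.ReadWrite.All",
]);

// Return one finding per grant that carries at least one broad scope.
function flagOverPermissionedGrants(grants, servicePrincipals, broadScopes = BROAD_SCOPES) {
  // Grant records carry the client's service-principal object ID, not its name.
  const nameById = new Map(servicePrincipals.map((sp) => [sp.id, sp.displayName]));
  const findings = [];
  for (const grant of grants) {
    // Graph stores delegated scopes as one space-separated string.
    const scopes = (grant.scope || "").split(/\s+/).filter(Boolean);
    const broad = scopes.filter((s) => broadScopes.has(s));
    if (broad.length === 0) continue;
    findings.push({
      grantId: grant.id,
      app: nameById.get(grant.clientId) || grant.clientId,
      // AllPrincipals = an admin consented for every user; Principal = one user.
      consent: grant.consentType === "AllPrincipals" ? "tenant-wide (admin)" : `user ${grant.principalId}`,
      broadScopes: broad,
      // offline_access is what lets the app hold a refresh token and keep
      // access after the session that did the upload is over.
      persistent: scopes.includes("offline_access"),
    });
  }
  return findings;
}

// Constructed sample inputs: the shape of the Graph objects, fake IDs and names.
const sampleServicePrincipals = [
  { id: "sp-0001", displayName: "Sample Upload Helper" },
  { id: "sp-0002", displayName: "Sample Task Board" },
  { id: "sp-0003", displayName: "Sample Calendar Sync" },
];
const sampleGrants = [
  { id: "g-1", clientId: "sp-0001", consentType: "Principal", principalId: "user-42", resourceId: "graph-sp", scope: "User.Read Files.ReadWrite.All" },
  { id: "g-2", clientId: "sp-0002", consentType: "AllPrincipals", principalId: null, resourceId: "graph-sp", scope: "Files.Read.All offline_access" },
  { id: "g-3", clientId: "sp-0003", consentType: "Principal", principalId: "user-7", resourceId: "graph-sp", scope: "Calendars.Read" },
];

function main() {
  for (const f of flagOverPermissionedGrants(sampleGrants, sampleServicePrincipals)) {
    console.log(`${f.app}: ${f.broadScopes.join(", ")} [${f.consent}]${f.persistent ? " persistent" : ""}`);
  }
}
main();
```

To run it against a tenant, export the two inputs with `az rest --method GET --url 'https://graph.microsoft.com/v1.0/oauth2PermissionGrants' --query value` and `az rest --method GET --url 'https://graph.microsoft.com/v1.0/servicePrincipals?$select=id,displayName' --query value` (following `@odata.nextLink` on large tenants) and pass the arrays to `flagOverPermissionedGrants`. A `consentType` of `AllPrincipals` means an admin consented on behalf of every user, which is the case to review first; `offline_access` in the same grant is what lets the app keep a refresh token and retain access long after the upload, the persistence the article warns about.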
For Developers:
- Avoid long-lived refresh tokens.
- Store tokens securely (not in local/session storage).
- Consider using shared, view-only file links instead of direct File Picker integrations.
Source: hackread.com