Cross-app OAuth Attacks in Integration Platforms: Mix-up Attacks Reloaded
02-27, 09:00–09:30 (UTC), Kaldalón

OAuth Mix-up attacks were considered hard to exploit.
In this talk, we focus on open ecosystems like integration platforms that enable practical variants of mix-up attacks via malicious app integrations, and discuss potential tailored spec changes.


Co-authors: Xianbo Wang, Adonis Fung, Julien Lecomte, Wing Cheong Lau

In this talk, we will cover how the use of OAuth 2.0 in emerging integration platforms has given rise to severe new attacks, and to corresponding defenses, that affect the majority of big Internet players and billions of their users. OAuth mix-up attacks [1] were generally considered to have low real-world impact, which led to limited adoption of the proposed defenses [2,3]. This is because the attack assumes that an OAuth client interacts with multiple authorization servers (e.g., login with Google and Facebook), some of which are malicious or compromised, a situation that is difficult to achieve in practice. However, this situation has changed within integration platforms.

Integration platforms are cloud-based platforms that aggregate multiple third-party apps or services, providing users with unified control. Common types include Workflow Automation platforms, Virtual Voice Assistants, Smart Homes and Large Language Model (LLM) platforms with plugins support. For instance, users can configure the Microsoft Power Automate platform to automatically save their Gmail attachments to Dropbox.

These platforms employ OAuth 2.0-based Account Linking to connect end-users' app accounts to their platform account, enabling authorized API calls to app servers. This allows the platform to orchestrate a wide range of external services on behalf of end-users. As most integration platforms are open ecosystems that welcome any developer to integrate their apps through a marketplace, this openness leaves room for malicious apps (and thus malicious authorization servers) to infiltrate.

The first half of the talk will cover our work to appear in USENIX Security 2025 [4]. Within integration platforms, we identified new variants of mix-up attacks: Cross-app OAuth Account Takeover (COAT) and Request Forgery (CORF). As long as a victim user links an account with a malicious app, or potentially just clicks a crafted link, they risk unauthorized access to, or privacy leakage from, any app on the platform. The vulnerabilities are prevalent across 15+ mainstream vendors. For example, an attacker can compromise a victim's Microsoft 365 suite or Azure services with a single click on an unassuming link (CVE-2023-36019 [5], CVSS: 9.6).

In the second half, we will highlight the changes needed from a specification perspective. We believe that OAuth specifications, such as the OAuth Security BCP, could be updated to include practical defenses tailored for integration platforms to address mix-up attacks. We will provide concrete recommendations for updating [3] accordingly.
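The client-side check that the cited defenses ([2], [3]) prescribe, as an added illustration that is not part of the talk or of the authors' own tooling: the platform binds each linking flow's state to the app whose authorization server it started with, and then requires the response's iss parameter to name that same issuer before redeeming the code. The app registry, URLs and codes below are constructed placeholders.

```python
import secrets
from urllib.parse import parse_qs, urlparse

# Constructed app registry (hypothetical issuers): app id -> AS metadata.
APPS = {
    "mail-app": {"issuer": "https://as.mail-app.example",
                 "token_endpoint": "https://as.mail-app.example/token"},
    "rogue-app": {"issuer": "https://as.rogue-app.example",
                  "token_endpoint": "https://as.rogue-app.example/token"},
}


class LinkingClient:
    """Platform-side OAuth client that links accounts with many apps."""
    def __init__(self):
        self._pending = {}  # state -> id of the app the flow was started with

    def start_flow(self, app_id):
        # Bind a fresh, unguessable state to the AS this flow targets.
        state = secrets.token_urlsafe(32)
        self._pending[state] = app_id
        return state

    def handle_callback(self, redirect_url):
        """Validate an authorization response before redeeming its code."""
        q = {k: v[0] for k, v in parse_qs(urlparse(redirect_url).query).items()}
        app_id = self._pending.pop(q.get("state", ""), None)  # one-time use
        if app_id is None:
            return {"ok": False, "reason": "unknown or replayed state"}
        expected = APPS[app_id]
        # RFC 9207: the response must name the issuer that produced it, and it
        # must be the AS this state was bound to. A different or missing iss
        # means the code came from another app's AS, so it must not be sent
        # to this app's token endpoint (the mix-up the talk describes).
        if q.get("iss") != expected["issuer"]:
            return {"ok": False, "reason": f"issuer mismatch for {app_id}: {q.get('iss')!r}"}
        if not q.get("code"):
            return {"ok": False, "reason": "missing code"}
        return {"ok": True, "app_id": app_id, "code": q["code"],
                "token_endpoint": expected["token_endpoint"]}


def demo():
    """Constructed walk-through: an honest response and a mixed-up one."""
    client = LinkingClient()
    s1 = client.start_flow("mail-app")
    honest = client.handle_callback(
        f"https://platform.example/cb?code=c1&state={s1}&iss=https://as.mail-app.example")
    s2 = client.start_flow("rogue-app")  # flow started with rogue-app's AS ...
    mixed = client.handle_callback(      # ... but the response is from mail-app's
        f"https://platform.example/cb?code=c2&state={s2}&iss=https://as.mail-app.example")
    return honest, mixed
```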

Our preliminary study was presented at Black Hat USA 2024 [6].

[1] Daniel Fett, Ralf Küsters, and Guido Schmitz. 2016. A Comprehensive Formal Security Analysis of OAuth 2.0. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS '16). https://doi.org/10.1145/2976749.2978385
[2] Karsten Meyer zu Selhausen and Daniel Fett. 2022. OAuth 2.0 Authorization Server Issuer Identification. RFC 9207. https://datatracker.ietf.org/doc/html/rfc9207
[3] OAuth 2.0 Security Best Current Practice, Section 4.4 (Mix-Up Attacks). IETF draft-ietf-oauth-security-topics. https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.4
[4] Kaixuan Luo, Xianbo Wang, Pui Ho Adonis Fung, Wing Cheong Lau, and Julien Lecomte. 2025. Universal Cross-app Attacks: Exploiting and Securing OAuth 2.0 in Integration Platforms. 34th USENIX Security Symposium (USENIX Security 25).
[5] Microsoft Security Response Center. CVE-2023-36019. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36019
[6] Kaixuan Luo, Xianbo Wang, Adonis Fung, Julien Lecomte, and Wing Cheong Lau. 2024. One Hack to Rule Them All: Pervasive Account Takeovers in Integration Platforms for Workflow Automation, Virtual Voice Assistant, IoT, & LLM Services. Black Hat USA 2024. https://www.blackhat.com/us-24/briefings/schedule/#one-hack-to-rule-them-all-pervasive-account-takeovers-in-integration-platforms-for-workflow-automation-virtual-voice-assistant-iot--llm-services-38994

PhD Candidate @ Mobile Technologies Centre (MobiTeC), The Chinese University of Hong Kong (CUHK)
Former Intern @ Samsung Research America