{ads}

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

Written By Sunday, 21 September 2025 Add Comment



September 22, 2025 at 11:17AM

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no

from The Hacker News https://ift.tt/0O9owvy

0 Response to "Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants"

Post a Comment

Subscribe to: Post Comments (Atom)

Article Top Ads

Central Ads Article 1

Middle Ads Article 2

Article Bottom Ads