URL has been copied successfully!
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants


Tags: , , , ,

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no

First seen on thehackernews.com

Jump to article: thehackernews.com/2025/09/microsoft-patches-critical-entra-id.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Critical Microsoft Bing Vulnerability Enabled Remote Code Execution Attacks
  2. New Windows zero-day feared abused in widespread espionage for years
  3. April Patch Tuesday news: Windows zero day being exploited, ‘big vulnerability’ in 2 SAP apps
  4. Patch Tuesday priorities: Vulnerabilities in SAP NetWeaver and Microsoft NTLM and Hyper-V