#cross-tenant-impersonation

Information security
from SecurityWeek
1 week ago

All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher

Undocumented Microsoft Actor tokens plus an Azure AD Graph validation flaw allowed cross-tenant impersonation without logging, enabling undetectable global Entra ID compromise.
from Techzine Global
2 weeks ago

Dutch hacker: all Microsoft Entra ID tenants at risk

Dutch security researcher Dirk-jan Mollema discovered a critical vulnerability in Microsoft Entra ID that allowed full access to every tenant in the world. Microsoft fixed the problem within days of being notified. The flaw consisted of undocumented impersonation tokens and a validation error in the old Azure AD Graph API. With this vulnerability, a successful attack would remain completely invisible, because requests for Actor tokens were not logged at all. Even if they had been, the entries would only appear in the attacker's tenant, not in the victim's.
Information security