{"id":5578,"date":"2025-09-22T06:14:34","date_gmt":"2025-09-22T06:14:34","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/09\/22\/microsoft-patches-critical-entra-id-flaw-enabling-global-admin-impersonation-across-tenants\/"},"modified":"2025-09-22T06:14:34","modified_gmt":"2025-09-22T06:14:34","slug":"microsoft-patches-critical-entra-id-flaw-enabling-global-admin-impersonation-across-tenants","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/09\/22\/microsoft-patches-critical-entra-id-flaw-enabling-global-admin-impersonation-across-tenants\/","title":{"rendered":"Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants"},"content":{"rendered":"<p>\u200bA critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.<br \/>\nThe vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no\u00a0A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.<br \/>\nThe vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bA critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra.&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2025\/09\/22\/microsoft-patches-critical-entra-id-flaw-enabling-global-admin-impersonation-across-tenants\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":5579,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5578"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=5578"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/5578\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/5579"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=5578"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=5578"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=5578"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}