Cymulate Research Labs discovered a high-severity authentication bypass vulnerability in Microsoft Windows Admin Centre’s Azure AD Single Sign-On implementation that enables attackers with local administrator access on a single machine to compromise any other Windows Admin Center-managed system within the same Azure tenant. The flaw, tracked as CVE-2026-20965, stems from improper validation of Proof-of-Possession (PoP) tokens […]
The post Azure Identity Token Flaw Exposes Windows Admin Center to Tenant-Wide Breaches appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Read the original article: