A critical vulnerability in Microsoft Entra ID allows attackers to escalate privileges to the Global Administrator role through the exploitation of first-party applications. The vulnerability, reported to Microsoft Security Response Center (MSRC) in January 2025, affects organizations using hybrid Active Directory environments with federated domains. Key Takeaways1. Attackers with certain admin or app permissions can […]
The post Microsoft Entra ID Vulnerability Let Attackers Escalate Privileges to Global Admin Role appeared first on Cyber Security News.
This article has been indexed from Cyber Security News