Almost 7 years ago I started my research into the Microsoft cloud. A few months ago I found the most critical vulnerability in Entra ID I could ever imagine: a token validation flaw allowing me to get Global Admin in every Entra ID tenant (yes, that includes your tenant). Read all the details in my latest blog: https://lnkd.in/eXgeHyJR
Insane bug. Every tenant should have a (disabled) Dirk-Jan user to commemorate this.
Awesome write-up, thanks for sharing! Have they extended it again? 🤔 August 31, 2025: End of extended access to Azure AD Graph. Azure AD Graph will be fully retired.
Nice catch 🥳 I really hope that you were first to discover this.
Awesome work and great writeup! What a finding 😅
Wow, nice work Dirk-jan! And how the f*** are you (or anyone else) ever going to top this 😆
I think we have a new nr. 1 at Microsoft ;-) Really well done!! And as some are already saying: glad to have you on our side! #deeprespect!
Great find and amazing job. And it doesn’t only affect Azure cloud but since many organizations use Entra ID also for onsite authentication or their digital workplace the potential damage could be way larger.
The 1.000.000.000.000 Bounty 😅
Can you please delete my orphan B2C tenants with botched MFA on the admin account?