With over 15 years of experience in cybersecurity & risk management, I specialize in the NIST framework, including CMMC. I deliver on time results and solve problems.
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants https://ift.tt/Yw7kchi A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. The vulnerability, tracked as CVE-2025-55241, has been assigned the maximum CVSS score of 10.0. It has been described by Microsoft as a privilege escalation flaw in Azure Entra. There is no via The Hacker News https://ift.tt/hCYMkfl September 22, 2025 at 12:47AM
