Vulnerability Management

Microsoft Entra ID Vulnerability Allows User Spoofing

Microsoft is a multinational technology company, known for its software products.

Microsoft Entra ID, previously known as Azure Active Directory, has been impacted by a security vulnerability that could be leveraged to bypass authentication controls and freely access and impersonate synchronized users, SC Media reports.

Such a flaw could be exploited by threat actors with local administrative privileges on a pass-through authenticator, according to a Cymulate report.

While Microsoft has classified the bug as a moderately severe issue that does not require an immediate fix, its severity was emphasized by cybersecurity experts, including DoControl Product Manager Tal Mandel Bar, who noted that even users with the highest privileges are susceptible to impersonation.

"It's like being able to put on anyone's identity badge, even the CEO's. What's particularly worrying is how this vulnerability could enable lateral movement. In a complex enterprise environment with multiple subsidiaries or departments, an attacker could hop from one domain to another, potentially compromising the entire organization," Mandel Bar added.
