Microsoft Entra ID, previously known as Azure Active Directory, is affected by a security vulnerability that could be leveraged to bypass authentication controls and freely access and impersonate synchronized users, SC Media reports.
The flaw could be exploited by threat actors who already hold local administrative privileges on a server running a pass-through authentication agent, according to a Cymulate report.
While Microsoft has rated the bug as a moderate-severity issue that does not require an immediate fix, cybersecurity experts have stressed its seriousness, among them DoControl Product Manager Tal Mandel Bar, who noted that even the most highly privileged users are susceptible to impersonation.
"It's like being able to put on anyone's identity badge, even the CEO's. What's particularly worrying is how this vulnerability could enable lateral movement. In a complex enterprise environment with multiple subsidiaries or departments, an attacker could hop from one domain to another, potentially compromising the entire organization," Mandel Bar added.