CVE-2025-55241

Published Sep 4, 2025

Last updated 2 days ago

CVSS critical 10.0
Microsoft Azure Entra

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-55241 is an elevation of privilege vulnerability in Microsoft Entra ID (formerly Azure AD), classified as CWE-287 (Improper Authentication). The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H describes a network-reachable flaw that needs no privileges and no user interaction, with changed scope: the impact extends beyond the component that contains the flaw, which is why the base score is the maximum 10.0. Microsoft's own description is limited to the title "Azure Entra Elevation of Privilege Vulnerability"; the CNA tag exclusively-hosted-service means the fix was applied on the service side and there is no customer patch to install.

Public technical details come from Dirk-jan Mollema's research, referenced in the posts below. The issue combined two weaknesses: undocumented "Actor tokens", impersonation tokens issued for service-to-service (S2S) communication between Microsoft first-party services, to which Conditional Access and other tenant access control policies were not applied; and a validation flaw in the legacy Azure AD Graph API (graph.windows.net) that did not correctly check which tenant an impersonated identity belonged to. Together these allowed an attacker holding an Actor token from their own tenant to impersonate any user in any other Entra ID tenant, including Global Administrators, and to read or modify directory data there with little or no trace in the victim tenant's logs. Microsoft fixed the service-side flaw in July 2025, before the CVE was published. Recommended customer actions are to migrate remaining workloads off the deprecated Azure AD Graph API to Microsoft Graph, and to review audit logs for directory operations attributed to Microsoft service identities that originate from IP addresses outside Microsoft's published service ranges.

Description
Azure Entra Elevation of Privilege Vulnerability
Source
secure@microsoft.com
NVD status
Modified
CNA Tags
exclusively-hosted-service
Products
entra_id

Risk scores

CVSS 3.1

Type
Primary
Base score
10
Impact score
6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

secure@microsoft.com
CWE-287

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

27

  1. The popular article for 2025-09-19 was this one. (automated tweet) #Hacker_Trends ――― CVE-2025-55241 - Security Update Guide - Microsoft - Azure Entra Elevation of Privilege Vulnerability https://t.co/xHr8zRpKLX https://t.co/nTdaffJGhv

    @motikan2010

    20 Sept 2025

    131 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Critical Entra ID Vulnerability - CVE-2025-55241 Key takeaways from Dirk-jan Mollema's groundbreaking research on a vulnerability that could have compromised every Microsoft Entra ID (Azure AD) tenant worldwide Details in thread

    @ElwaliKarkoub

    19 Sept 2025

    42 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    1 Reply

    0 Quotes

  3. On the Entra ID zero-day vulnerability CVE-2025-55241. An authentication flaw in the Azure AD Graph API. Combined with another security weakness, a flaw in which the access control policy for "Actor tokens" is not applied, it made cross-tenant compromise possible. Originally the CVSS score

    @__kokumoto

    19 Sept 2025

    2313 Impressions

    7 Retweets

    26 Likes

    12 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨Detect Actor Token Abuse (#CVE-2025-55241) After verifying the details with @_dirkjan, I created a query to detect Actor Token abuse, regardless of the activity involved. The idea is simple: If these activities are S2S, they should originate from Microsoft service IPs. 🧐

    @Cyb3rMonk

    19 Sept 2025

    14882 Impressions

    43 Retweets

    211 Likes

    132 Bookmarks

    3 Replies

    0 Quotes
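The detection idea in the post above is that an operation recorded as performed by a Microsoft first-party service should come from Microsoft-owned address space, so an S2S-looking audit event from anywhere else is worth an alert. The script below is an added example of that check and is not the poster's query or any Microsoft tooling. It assumes a simplified audit record shape (fields initiated_by_app, initiated_by_user, ip) and a hand-constructed allow-list of Microsoft prefixes; in practice the prefixes would be loaded from the published Azure IP Ranges and Service Tags JSON (the addressPrefixes array of the relevant tags, such as AzureActiveDirectory), and the events would come from the tenant's audit logs.

```python
"""Flag S2S-looking Entra ID audit events whose source address is not in
Microsoft service address space.

Added example (not from the original page or from Microsoft): the record
shape and the prefix list below are constructed for illustration.
"""
import ipaddress
from typing import Iterable

# Constructed sample prefixes standing in for Microsoft service ranges.
# Real values must come from the Azure Service Tags download, not hardcoded.
MICROSOFT_SERVICE_PREFIXES = [
    ipaddress.ip_network(p)
    for p in ("20.190.128.0/18", "40.126.0.0/18", "2603:1006:2000::/48")
]

# Constructed sample audit records (simplified). An 'initiated_by_app' value
# models a first-party application identity acting on behalf of a user, which
# is how service-to-service impersonation is assumed to present here.
SAMPLE_AUDIT_EVENTS = [
    {"id": "e1", "activity": "Update user", "target": "alice@contoso.example",
     "initiated_by_app": "Office 365 Exchange Online",
     "initiated_by_user": "alice@contoso.example", "ip": "20.190.130.25"},
    {"id": "e2", "activity": "Add member to role", "target": "Global Administrator",
     "initiated_by_app": "Office 365 Exchange Online",
     "initiated_by_user": "ga@contoso.example", "ip": "203.0.113.77"},
    {"id": "e3", "activity": "Update user", "target": "bob@contoso.example",
     "initiated_by_app": None,
     "initiated_by_user": "bob@contoso.example", "ip": "203.0.113.77"},
    {"id": "e4", "activity": "Reset user password", "target": "ga@contoso.example",
     "initiated_by_app": "Office 365 SharePoint Online",
     "initiated_by_user": "ga@contoso.example", "ip": "2603:1006:2000::1"},
]


def is_microsoft_address(ip: str, prefixes=MICROSOFT_SERVICE_PREFIXES) -> bool:
    """True if the source address falls inside a known Microsoft prefix.
    Malformed or empty addresses are treated as untrusted, not ignored."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in prefixes)


def is_s2s_event(event: dict) -> bool:
    """An event looks service-to-service when a first-party app identity is
    recorded as initiator (alongside, or instead of, an interactive user)."""
    return bool(event.get("initiated_by_app"))


def suspicious_s2s_events(events: Iterable[dict]) -> list:
    """Return S2S-looking events whose source IP is outside Microsoft space."""
    return [
        e for e in events
        if is_s2s_event(e) and not is_microsoft_address(e.get("ip", ""))
    ]


if __name__ == "__main__":
    for e in suspicious_s2s_events(SAMPLE_AUDIT_EVENTS):
        print(f"[ALERT] {e['id']}: {e['activity']} on {e['target']} "
              f"by app '{e['initiated_by_app']}' from {e['ip']}")
```

On the constructed sample only e2 is flagged: e1 and e4 originate inside the allow-listed prefixes, and e3 is an ordinary user-initiated change. The part to validate against real logs is how an impersonating service identity actually appears in your audit schema; the address check itself is the same.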

  5. CVE-2025-55241 Azure Entra Elevation of Privilege Vulnerability https://t.co/WnMy0oJyi8 #cybersecurity #SecQube

    @SecQube

    19 Sept 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Microsoft patches critical Entra ID flaw (CVE-2025-55241) enabling silent full tenant takeover via Azure AD Graph API gaps. Patching and migrating to Microsoft Graph recommended. #CloudSecurity #AzureAD #USA https://t.co/vii0lmdds7

    @TweetThreatNews

    19 Sept 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. #Cloud_Security 1. One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens (CVE-2025-55241) https://t.co/nFUIpiASnc 2. AWS Infrastructure Canarytoken https://t.co/qObGiuivPn // new feature allowing quick deployment of decoy AWS resources (S3,

    @ksg93rd

    18 Sept 2025

    47 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  8. CVE-2025-55241 Read this nerds, trust me. Link in comments 👇 https://t.co/PpGQmXuPRr

    @reg_expression

    18 Sept 2025

    168 Impressions

    1 Retweet

    4 Likes

    0 Bookmarks

    2 Replies

    0 Quotes

  9. [CVE-2025-55241: CRITICAL] Azure Entra Elevation of Privilege Vulnerability#cve,CVE-2025-55241,#cybersecurity https://t.co/nyUqgHnkQX

    @CveFindCom

    8 Sept 2025

    70 Impressions

    0 Retweets

    0 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  10. Azure Entra EoP: CVE-2025-55241 Critical Elevation of Privilege found in Azure Entra lets attackers gain higher access via token manipulation. Patch ASAP. For more details, read ZeroPath's blog on this vuln. #CloudSecurity #AppSec #Azure https://t.co/USacSlNUWa

    @ZeroPathLabs

    5 Sept 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. 🚨 CRITICAL vuln in Microsoft Entra: CVE-2025-55241 allows remote privilege escalation via improper authentication. No patch yet—enforce MFA & tighten RBAC! Cloud security at risk. Details: https://t.co/wf2vkIdy5q... https://t.co/xacJIwEaq3

    @offseq

    5 Sept 2025

    70 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations