- Description
- Azure Entra ID Elevation of Privilege Vulnerability
- Source
- secure@microsoft.com
- NVD status
- Analyzed
- CNA Tags
- exclusively-hosted-service
- Products
- entra_id
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- secure@microsoft.com
- CWE-306
- Hype score
- Not currently trending
CVE-2025-59246 - Security Update Guide - Microsoft - Azure Entra ID Elevation of Privilege Vulnerability 9.8! No action required from the customer https://t.co/IQPm49oJar
@samilaiho
10 Oct 2025
709 Impressions
2 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Microsoft Entra flaw (CVE-2025-59246) allows unauthenticated attackers to gain full system control. No patch yet — restrict access & monitor now! 🛡️ https://t.co/2LC3dSuuV9 #OffSeq #Microsoft #Entr... https://t.co/bspFMdtYVG
@offseq
10 Oct 2025
82 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
**CVE-2025-59246** pertains to a critical elevation of privilege (EoP) vulnerability within Microsoft Azure Entra ID (formerly Azure Active Directory). This flaw allows an attacker to escalate their privileges within the Azure Entra ID environment, potentially gaining
@CveTodo
9 Oct 2025
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:entra_id:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D09E509F-AFF3-4991-877A-D197388E7AD4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]