Entra ID

Microsoft patches terrifyingly serious Entra ID privilege elevation vulnerability

Details have emerged about a now-patched flaw in Microsoft Entra ID which could have been exploited to gain access to any tenant of any company in the world.

Tracked as CVE-2025-55241, the Azure Entra Elevation of Privilege Vulnerability has a CVSS 3.1 severity rating of 10.0. The security researcher who discovered the flaw said that he had “found the most impactful Entra ID vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world”.

By Sofia Elizabella Wyciślik-Wilson - September 22, 2025

Entra ID

Microsoft patches terrifyingly serious Entra ID privilege elevation vulnerability

Recent Headlines

Your earbuds can now translate over 70 languages in real time with Gemini AI

Financial sector hit hard by breaches but ransomware seeks targets elsewhere

Over a third of US adults now use AI every day

Most companies aren't measuring AI's environmental impact, new report shows

Huawei's new Mate X7 foldable phone has a slimmer build, upgraded cameras and an improved hinge

One in 25 digital identity checks flagged as fraudulent

How self-governing identity infrastructure can streamline policy enforcement [Q&A]

Most Commented Stories

You can now grab a wide selection of Windows 11 themes from the Microsoft Store

Microsoft will let you remove AI Action from the Windows 11 context menu

Google Maps now makes it easier for iPhone users to find their cars

Ashampoo announces Burning Studio 27 with smarter ripping and better audiobook tools

Your earbuds can now translate over 70 languages in real time with Gemini AI

WhatsApp group chats are about to become much more useful

How agentic AI is set to redefine enterprise APIs [Q&A]

NordVPN expands its security suite with a new email protection feature

NEWS

UNITED KINGDOM