A severe token validation flaw in Microsoft Entra ID (formerly Azure Active Directory) could have enabled attackers to impersonate any user—including Global Administrators—across any tenant.
Cataloged as CVE-2025-55241 with the highest possible CVSS score of 10.0, the bug was described by Microsoft as a privilege escalation vulnerability within Entra ID. The company confirmed it was not exploited in the wild and patched the issue on July 17, 2025, requiring no customer action.
The flaw was uncovered by security researcher Dirk-jan Mollema, who reported it on July 14. According to Mollema, the weakness theoretically allowed attackers to compromise every Entra ID tenant worldwide, aside from certain national cloud instances.
The root cause lay in the interaction of two elements: service-to-service (S2S) actor tokens issued by the Access Control Service (ACS), and a legacy flaw in the Azure AD Graph API (graph.windows.net). The API failed to properly validate the originating tenant, which meant ACS tokens could be misused for cross-tenant access.
What makes the issue especially dangerous is that the tokens adhered to Microsoft’s Conditional Access policies. This meant an attacker leveraging the Graph API could make unauthorized changes while remaining compliant with existing policies. Even more concerning, the Graph API lacked adequate logging, allowing intruders to access user data, groups, roles, tenant configurations, app permissions, device details, and BitLocker keys stored in Entra ID—all without leaving forensic traces.
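As an added illustration of the defect class described in the two paragraphs above (this is not code from the article, from Microsoft, or from the researcher), the following toy resource API in Python contrasts a check that only verifies a service-to-service token's signature with one that also binds the token's issuing tenant to the tenant being accessed and records the decision. The token format, shared signing key, claim names and audit record are constructed assumptions for the example, not Entra ID's real formats.

```python
"""Toy resource API: signature-only check vs. tenant-bound check with audit log.
All token/key/claim shapes here are constructed for illustration."""
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed key shared by the hypothetical token service and the resource API.
SIGNING_KEY = b"example-shared-secret"
AUDIT_LOG: list[dict] = []  # stands in for a real audit/log sink


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def mint_token(issuing_tenant: str, subject: str) -> str:
    """Simulates the token service: signs {tid, sub} with the shared key."""
    payload = _b64(json.dumps({"tid": issuing_tenant, "sub": subject}).encode())
    sig = _b64(hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).digest())
    return f"{payload}.{sig}"


def verify_signature(token: str) -> Optional[dict]:
    """Returns the claims if the signature is valid, otherwise None."""
    payload, _, sig = token.partition(".")
    expected = _b64(hmac.new(SIGNING_KEY, payload.encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(sig, expected):
        return None
    pad = "=" * (-len(payload) % 4)
    return json.loads(base64.urlsafe_b64decode(payload + pad))


def authorize_vulnerable(token: str, target_tenant: str) -> bool:
    """Signature check only: a valid token for tenant A is accepted for tenant B."""
    return verify_signature(token) is not None


def authorize_hardened(token: str, target_tenant: str) -> bool:
    """Signature check plus tenant binding; every decision is audited."""
    claims = verify_signature(token)
    allowed = claims is not None and claims.get("tid") == target_tenant
    AUDIT_LOG.append({
        "target_tenant": target_tenant,
        "token_tenant": claims.get("tid") if claims else None,
        "subject": claims.get("sub") if claims else None,
        "allowed": allowed,
    })
    return allowed
```

The audit record is what lets a defender later answer "which tenant's token touched which tenant's data", the question the article notes the legacy API could not answer.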
If a Global Administrator account were impersonated, attackers could create accounts, escalate privileges, or extract sensitive data, leading to complete tenant compromise. Any Microsoft service tied to Entra ID authentication, such as SharePoint Online or Exchange Online, would be exposed.
Mollema further warned that such a compromise could extend to Azure-hosted resources, since Global Administrators can assign themselves rights over subscriptions and infrastructure.
The Azure AD Graph API was officially deprecated and retired on August 31, 2025. Microsoft had first announced its deprecation in 2019, encouraging customers to transition their applications to Microsoft Graph. Microsoft classified the issue as a case of “High-privileged access” (HPA), where an application or service obtains sweeping control over customer content, impersonating users without proof of their identity or context.