CVE-2025-55241
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-04
Last updated on: 2025-09-24
Assigner: Microsoft Corporation
Description
Description
Azure Entra ID Elevation of Privilege Vulnerability
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| microsoft | entra_id | * |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Elevation of Privilege issue in Azure Entra, which means an attacker could exploit it to gain higher privileges than intended within the system.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to gain elevated privileges, potentially leading to full control over affected resources, compromising confidentiality, integrity, and availability.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70