All Microsoft Entra Tenants Were Exposed to Silent Compromise via Invisible Actor Tokens: Researcher

The strength of responsible disclosure is that it can solve problems before they are actioned. The weakness is that it potentially generates a false sense of security in the vendor.

On September 4, Microsoft assigned CVE-2025-55241 to an Azure Entra elevation of privilege vulnerability, noting, “The vulnerability documented by this CVE requires no customer action to resolve.” Simple problem, responsibly disclosed, quickly solved, and nothing to worry about.

But that line disguises a far greater threat. Two months earlier, Dirk-jan Mollema had discovered a vulnerability that could have allowed him to compromise any Entra ID tenant in the world, outside perhaps of national cloud deployments, without leaving any trace of the incursion. Had that vulnerability been discovered by an adversarial nation-state, the harm done – globally – could have been immense.

Mollema combined two things: undocumented impersonation tokens (called Actor tokens) that Microsoft uses for backend service-to-service communication, and a validation flaw in the legacy Azure AD Graph API, which did not properly check which tenant an impersonation token had been issued for. Together, they allowed a token minted in the attacker’s own tenant to be accepted for cross-tenant access.

Actor tokens bypass security controls such as Conditional Access. An attacker who successfully requested an Actor token within their own tenant could, explains Mollema in a blog post, “authenticate as any user, including Global Admins, in any other tenant.”

Once created, an Actor token could impersonate anyone against the target service it was requested for, for 24 hours. “In my personal opinion,” he writes, “this whole Actor token design is something that never should have existed. It lacks almost every security control that you would want.”

Requesting an Actor token was not logged, so there was no record of its existence, and the Azure AD Graph API had no API-level logging of its own. An invisible attacker moving into a target tenant could therefore read Entra ID data without a trace: full user information, including personal details; group and role membership; the tenant’s Conditional Access policies; application permission assignments; and device information, including BitLocker keys synced to Entra ID.

“If a Global Admin was impersonated, it would also be possible to modify any of the above objects and settings. This would result in full tenant compromise with access to any service that uses Entra ID for authentication…” says Mollema.

Merely reading that data left no log at all. Modifications made while impersonating a Global Admin, whether in Entra ID or in Microsoft 365 services that rely on it, would be recorded in the audit logs, but those entries attribute the action to the impersonated, legitimate Global Admin, so they would not necessarily raise a red flag for defenders.
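One defensive consequence of the logging gap described above is that a change made under an Actor token shows up in the audit log as the impersonated admin, but with no corresponding sign-in event, because no sign-in ever happened. The hunt below is an added example written for this page, not code from the article or from Mollema’s research: it flags audit-log changes whose initiating user had no successful sign-in in the preceding window. The record shapes are simplified from the Microsoft Graph directoryAudit and signIn resources (an assumption about field names), and every record is constructed sample data.

```python
"""Flag Entra ID audit-log changes whose initiating admin has no matching sign-in.

Added example, not code from the article or from Mollema's research. The
heuristic follows from the facts above: an Actor-token impersonation produces
no sign-in event, while a change made under it is audited as the impersonated
user. Record shapes are simplified from the Microsoft Graph directoryAudit and
signIn resources (an assumption); all records below are constructed.
"""
from datetime import datetime, timedelta, timezone

LOOKBACK = timedelta(hours=24)  # assumption: tune to your tenant's session lifetimes

# Constructed sample sign-in records (simplified Graph signIn shape).
SIGN_INS = [
    {"userPrincipalName": "alice@contoso.example", "createdDateTime": "2025-07-14T08:00:00Z",
     "status": {"errorCode": 0}},
    {"userPrincipalName": "carol@contoso.example", "createdDateTime": "2025-07-14T09:30:00Z",
     "status": {"errorCode": 50126}},  # failed sign-in: invalid credentials
]

# Constructed sample audit records (simplified Graph directoryAudit shape).
AUDIT_EVENTS = [
    {"id": "ev-1", "activityDateTime": "2025-07-14T09:00:00Z",
     "activityDisplayName": "Update user",
     "initiatedBy": {"user": {"userPrincipalName": "alice@contoso.example"}}},
    {"id": "ev-2", "activityDateTime": "2025-07-14T10:00:00Z",
     "activityDisplayName": "Add member to role",
     "initiatedBy": {"user": {"userPrincipalName": "bob@contoso.example"}}},
    {"id": "ev-3", "activityDateTime": "2025-07-14T10:15:00Z",
     "activityDisplayName": "Update conditional access policy",
     "initiatedBy": {"user": {"userPrincipalName": "carol@contoso.example"}}},
    {"id": "ev-4", "activityDateTime": "2025-07-14T11:00:00Z",
     "activityDisplayName": "Sync password hash",
     "initiatedBy": {"app": {"displayName": "Azure AD Connect"}}},
]


def parse_ts(value):
    """Parse a Graph UTC timestamp such as 2025-07-14T08:00:00Z."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")).astimezone(timezone.utc)


def successful_sign_ins(sign_ins):
    """Map lower-cased UPN -> sorted list of successful sign-in times."""
    by_user = {}
    for rec in sign_ins:
        if rec.get("status", {}).get("errorCode", 0) != 0:
            continue  # a failed sign-in does not prove the user was present
        by_user.setdefault(rec["userPrincipalName"].lower(), []).append(
            parse_ts(rec["createdDateTime"]))
    for times in by_user.values():
        times.sort()
    return by_user


def find_orphan_admin_actions(audit_events, sign_ins, lookback=LOOKBACK):
    """Return audit events initiated by a user with no successful sign-in in the lookback window.

    App-initiated events are skipped: they never carry a user sign-in and would only add noise.
    """
    by_user = successful_sign_ins(sign_ins)
    orphans = []
    for ev in audit_events:
        user = (ev.get("initiatedBy") or {}).get("user") or {}
        upn = user.get("userPrincipalName")
        if not upn:
            continue
        when = parse_ts(ev["activityDateTime"])
        covered = any(when - lookback <= t <= when for t in by_user.get(upn.lower(), []))
        if not covered:
            orphans.append(ev)
    return orphans


if __name__ == "__main__":
    for ev in find_orphan_admin_actions(AUDIT_EVENTS, SIGN_INS):
        print(f"{ev['activityDateTime']} {ev['activityDisplayName']!r} by "
              f"{ev['initiatedBy']['user']['userPrincipalName']}: no sign-in in the last 24h")
```

On the sample data this flags the role change by bob (no sign-in at all) and the Conditional Access change by carol (only a failed sign-in), while alice’s change is covered by her earlier sign-in. Treat it as a hunting heuristic, not a detection rule: it can only catch modifications, since reads through the Azure AD Graph produced no record at all, and long-lived sessions, sign-in log latency, or a lookback shorter than your tenant’s token lifetimes will produce false positives. Run it against exported audit and sign-in logs rather than the embedded samples.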

Mollema reported his findings to the Microsoft Security Response Center (MSRC) on July 14, 2025, and MSRC opened a case the same day. On July 15, 2025, he reported more details on the impact, and MSRC asked him to stop further investigation of the vulnerability. On July 23, MSRC confirmed the issue had been solved. By August 6, MSRC had pushed out further mitigations that prevent Actor tokens from being issued for the Azure AD Graph using service principal (SP) credentials.

And on September 4, 2025, Microsoft issued CVE-2025-55241 with that line: “The vulnerability documented by this CVE requires no customer action to resolve.” This may be true. Mollema should be lauded for his responsible disclosure, and Microsoft commended for its rapid reaction.

Both Mollema and Microsoft have said they found no evidence that the vulnerability was exploited by any attacker, so you could say all’s well that ends well. But the whole process suppresses an uncomfortable reality: cybersecurity is fly-by-wire. The global cybersecurity ecosystem depends on work that researchers and vendors do behind our backs. We often don’t know what they have found and solved, but equally, we don’t know what they have missed.

“This incident is a reminder that even the biggest providers are not immune from flaws, and that long-term, undetectable risks demand a proactive strategy that goes beyond traditional security tools,” comments Rob Demain, CEO of e2e-assure. His suggestion is that hybrid or multi-cloud approaches could alleviate similar threats. “By keeping some workloads on-premises and distributing others across multiple cloud providers, organizations can reduce dependency on a single vendor and significantly lower systemic risk.”

Related: Organizations Warned of Vulnerability in Microsoft Exchange Hybrid Deployment

Related: TeamFiltration Abused in Entra ID Account Takeover Campaign

Related: Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks
