Obtaining Global Admin in Every Entra Id Tenant

Posted4 months agoActive4 months ago

amaccuish

23 points

1 comments

dirkjanm.ioTechstory

heatednegative

Debate

40/100

Azure AdSecurity VulnerabilityEntra Id

Key topics

Azure Ad

Security Vulnerability

Entra Id

A security researcher discovered a vulnerability allowing global admin access to every Entra ID tenant, with a commenter expressing concern over the lack of logging and potential notification issues for affected tenants.

Snapshot generated from the HN discussion

Discussion Activity

Light discussion

First comment

Peak period

4-5h

Avg / period

Key moments

01Story posted
Sep 17, 2025 at 9:32 AM EDT
4 months ago
Step 01
02First comment
Sep 17, 2025 at 2:29 PM EDT
5h after posting
Step 02
03Peak activity
1 comments in 4-5h
Hottest window of the conversation
Step 03
04Latest activity
Sep 17, 2025 at 2:29 PM EDT
4 months ago
Step 04

Generating AI Summary...

Analyzing up to 500 comments to identify key contributors and discussion patterns

Discussion (1 comments)

Showing 1 comments

speckx

4 months ago

> These tokens allowed full access to the Azure AD Graph API in any tenant. Requesting Actor tokens does not generate logs. Even if it did they would be generated in my tenant instead of in the victim tenant, which means there is no record of the existence of these tokens.

Wow! No logs.

I wonder how Microsoft would notify affected tenants.

View full discussion on Hacker News

ID: 45275626Type: storyLast synced: 11/20/2025, 6:42:50 PM

Want the full context?

Jump to the original sources

Read the primary article or dive into the live Hacker News thread when you're ready.

Open link View on HN