A recently disclosed vulnerability in Microsoft’s Entra ID (formerly Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across multiple tenants, though there is no evidence that anyone did so.
Tracked as CVE-2025-55241 and rated CVSS 10.0, this flaw impacted the core identity infrastructure relied on by enterprises worldwide (Microsoft, 2025). The flaw, discovered by security researcher Dirk-jan Mollema in July, stemmed from a combination of two architectural problems: the misuse of internal “Actor tokens” and a validation failure in the Azure AD Graph API, a legacy interface deprecated in August 2025 (Dirkjanm.io, 2025).
“This vulnerability could have allowed me to compromise every Entra ID tenant in the world (except probably those in national cloud deployments),” Mollema said about his discovery. “If you are an Entra ID admin reading this, yes, that means complete access to your tenant.”
Together, these weaknesses provide a recipe for disaster, allowing attackers to generate valid tokens in their own tenant and use them to access and control other tenants without prior access or user interaction.
Mollema demonstrated that an attacker could generate a valid Actor token in their own tenant and manipulate it to impersonate users in another. The tokens bypassed multi-factor authentication (MFA) and Conditional Access policies and, critically, their use generated no logs in the victim tenant. Even a brute-force approach to identifying a user’s netId (a legacy identifier) could be executed quietly and efficiently, enabling full directory access and privilege escalation. This made the attack difficult to detect, particularly for organizations relying on standard Microsoft audit tooling.
Once in control, an attacker could gain full administrative access, change configurations, create or escalate accounts, and access all services tied to that tenant, including Microsoft 365, SharePoint Online, Exchange Online, and any Azure-based workloads. In effect, this enabled complete tenant compromise.
Microsoft patched the vulnerability within days of disclosure and has not observed evidence of active exploitation. The company accelerated the deprecation of Azure AD Graph and recommended that organizations migrate to Microsoft Graph, which provides stricter validation and improved telemetry.
Even though Microsoft responded quickly in this case, the lack of tenant isolation and audit trails raises concerns about the underlying trust model used in many enterprise cloud platforms.
Microsoft’s swift patching of CVE-2025-55241 may have closed the immediate loophole, but the implications still linger. It was a mirror held up to the architecture of modern identity infrastructure, revealing how deeply legacy assumptions still run beneath today’s cloud-first environments.
The flaw wasn’t buried in obscure logic or zero-day complexity; it was sitting in plain sight, made possible by mechanisms that were functioning exactly as designed. Actor tokens were never meant to leave Microsoft’s backend. But when paired with a legacy API that didn’t check where requests were coming from, they became passports into any tenant in the world. The fix was necessary, but not sufficient. Because what failed here wasn’t just an interface. It was a model of trust that assumed too much, verified too little, and logged nothing.