Image: Dirk-jan Mollema
In one of the most significant discoveries of 2025, security researcher Dirk-jan Mollema revealed a vulnerability in Microsoft Entra ID (formerly Azure AD) that could have enabled attackers to compromise virtually every tenant worldwide. The flaw, tracked as CVE-2025-55241 with a CVSS score of 10, stemmed from insecure “Actor tokens” and a validation failure in the legacy Azure AD Graph API.
Mollema uncovered what he describes as “the most impactful Entra ID vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world.”
The issue combined two elements:
- Undocumented impersonation tokens (Actor tokens) used by Microsoft for backend service-to-service authentication.
- A critical validation flaw in the Azure AD Graph API that failed to enforce tenant boundaries.
This meant that “with a token I requested in my lab tenant I could authenticate as any user, including Global Admins, in any other tenant.” Because Actor tokens bypassed Conditional Access, there was effectively no configuration an administrator could set to block such an attack.
Actor tokens are special JSON Web Tokens (JWTs) issued by Microsoft’s Access Control Service, primarily to let services like Exchange Online or SharePoint impersonate users. However, Mollema explained, “once Exchange has an Actor token, it can use the one Actor token to impersonate anyone against the target service it was requested for, for 24 hours.”
The tokens lacked basic safeguards:
- No logging when issued or used.
- No revocation before their 24-hour expiry.
- Bypassed Conditional Access entirely.
Mollema bluntly concluded, “in my personal opinion, this whole Actor token design is something that never should have existed. It lacks almost every security control that you would want.”
The second component of the vulnerability was Azure AD Graph’s failure to validate tenant IDs. By altering the tenant ID in an impersonation token, Mollema discovered he could query data in other tenants. He wrote, “I could indeed access data in other tenants, as long as I knew their tenant ID (which is public information) and the netId of a user in that tenant.”
From there, attackers could escalate:
- Impersonate a regular user to enumerate information.
- Identify Global Admins and craft tokens for them.
- Achieve full tenant takeover, with access extending to Microsoft 365 and Azure resources.
Worse still, the attack left almost no traces. As Mollema noted, “none of these actions would generate any logs in the victim tenant.”
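To make the tenant-boundary failure concrete, here is an added example (not code from Mollema's research or from Microsoft) using a deliberately simplified two-layer model: a signed "actor" token bound to the tenant it was issued in, wrapped in an unsigned impersonation envelope whose tenant ID and netId the caller chooses. The signing key, claim names and envelope layout are assumptions for illustration; the point is the one comparison the fixed resolver adds.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key and a deliberately simplified two-layer token model
# (assumption: not Microsoft's real token format, which is RS256-signed).
SIGNING_KEY = b"constructed-demo-key"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def mint_actor_token(issued_for_tenant: str, ttl: int = 24 * 3600) -> str:
    """Signed service token bound to the tenant it was requested in."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = _b64url(json.dumps({"tid": issued_for_tenant,
                                 "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(SIGNING_KEY, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    return f"{header}.{claims}.{_b64url(sig)}"

def build_impersonation_token(actor_token: str, tenant_id: str, net_id: str) -> dict:
    """Unsigned envelope the caller assembles; tenant_id and net_id are
    entirely caller-controlled, which is what makes the missing check fatal."""
    return {"actortoken": actor_token, "tenant_id": tenant_id, "netid": net_id}

def verify_actor_token(token: str) -> dict:
    header, claims, sig = token.split(".")
    expected = hmac.new(SIGNING_KEY, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(sig)):
        raise ValueError("bad actor token signature")
    parsed = json.loads(_unb64url(claims))
    if parsed["exp"] < time.time():
        raise ValueError("actor token expired")
    return parsed

def resolve_identity_vulnerable(imp: dict) -> dict:
    """Verifies the signed layer, then trusts the unsigned tenant_id as-is."""
    verify_actor_token(imp["actortoken"])
    return {"tenant": imp["tenant_id"], "user": imp["netid"]}

def resolve_identity_fixed(imp: dict) -> dict:
    """Same verification, plus the check that was missing: the caller-supplied
    tenant must equal the tenant the actor token was issued for."""
    actor = verify_actor_token(imp["actortoken"])
    if imp["tenant_id"] != actor["tid"]:
        raise PermissionError("tenant boundary violation")
    return {"tenant": imp["tenant_id"], "user": imp["netid"]}
```

With an actor token minted for a lab tenant, the vulnerable resolver happily returns an identity in any tenant named in the envelope, while the fixed resolver rejects the mismatch before any data lookup happens.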
Even the supposedly secret netId values of users weren’t safe. Mollema found that they were incremental and brute-forceable, making it feasible to guess valid IDs within minutes. He also demonstrated that attackers could abuse B2B trust relationships, using guest accounts to pivot between tenants. “The information needed to compromise the majority of all tenants worldwide could have been gathered within minutes using a single Actor token.”
Mollema responsibly disclosed the flaw to Microsoft’s Security Response Center (MSRC). Microsoft acted quickly, patching the vulnerability within days, blocking Actor tokens from being requested for Azure AD Graph, and issuing CVE-2025-55241.