A security researcher discovered a critical vulnerability in a major cloud provider's identity and access management platform, Entra ID. The flaw involved improper token validation in a legacy API, which could have allowed an attacker to gain global administrator privileges in nearly any customer's cloud environment. This 'god mode' access would have enabled a complete takeover of affected tenants, compromising integrated services and resources. The researcher responsibly disclosed the issue, and the provider acted quickly to mitigate the vulnerability globally within days. While the provider found no evidence of malicious exploitation, the discovery highlights the potential for catastrophic, large-scale consequences when core cloud infrastructure has a weakness.
Latest mentioned: 09-19
Earliest mentioned: 09-18