Himmelblau Interoperability Suite Vulnerability in Microsoft Azure Entra ID and Intune
CVE-2025-59044
What is CVE-2025-59044?
The Himmelblau interoperability suite for Microsoft Azure Entra ID and Intune derives the numeric GID of an Entra ID group from the group's display name. Because display names are not unique in the directory, this default configuration can make several directory groups collapse into the same numeric GID on Linux, specifically in versions 0.9.0 through 0.9.22. As a result, unauthorized access could occur if a user creates or joins a group with the same display name as a privileged security group. To mitigate this issue, upgrade to version 0.9.23 or 1.0.0 or later, where groups are mapped to GIDs using their Entra ID object IDs (GUIDs), which prevents the collision. Until the update is applied, it is advisable to restrict arbitrary group creation through tenant policy.
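The following Python is an added illustration, not Himmelblau's own code: it models the two mapping schemes with a stand-in hash (the page does not show Himmelblau's actual derivation, so the hash is an assumption) and audits a constructed list of tenant groups for GIDs shared by more than one group, which is the check an administrator would want before and after the upgrade.

```python
import hashlib
import uuid
from collections import defaultdict

# Constructed sample of Entra ID groups as (object id, display name).
# Two distinct groups share the display name "linux-admins": one is the
# privileged group, the other a user-created group with the same name.
SAMPLE_GROUPS = [
    ("0f7e2b0c-1d2e-4a5b-9c8d-111111111111", "linux-admins"),
    ("9a8b7c6d-5e4f-4a3b-8c2d-222222222222", "linux-admins"),
    ("1b2c3d4e-5f60-4718-9a2b-333333333333", "developers"),
]

GID_MIN = 10000                 # keep clear of local system groups
GID_RANGE = 2**31 - GID_MIN     # stay inside a signed 32-bit gid_t


def _hash_to_gid(key: str) -> int:
    # Stand-in derivation (assumed, not Himmelblau's): hash the key and
    # fold it into the allowed GID range.
    digest = hashlib.sha256(key.encode("utf-8")).digest()
    return GID_MIN + int.from_bytes(digest[:8], "big") % GID_RANGE


def gid_from_display_name(display_name: str) -> int:
    """Vulnerable scheme (0.9.0 - 0.9.22): GID depends only on the display name."""
    return _hash_to_gid(display_name)


def gid_from_object_id(object_id: str) -> int:
    """Fixed scheme (0.9.23 / 1.0.0+): GID depends on the immutable object ID."""
    return _hash_to_gid(str(uuid.UUID(object_id)))  # normalises the GUID form


def gid_for_group(object_id: str, display_name: str, scheme: str) -> int:
    if scheme == "display_name":
        return gid_from_display_name(display_name)
    if scheme == "object_id":
        return gid_from_object_id(object_id)
    raise ValueError(f"unknown scheme: {scheme}")


def find_gid_collisions(groups, scheme: str) -> dict:
    """Return {gid: [object ids]} for every GID claimed by more than one group."""
    by_gid = defaultdict(list)
    for object_id, display_name in groups:
        by_gid[gid_for_group(object_id, display_name, scheme)].append(object_id)
    return {gid: sorted(ids) for gid, ids in by_gid.items() if len(ids) > 1}


if __name__ == "__main__":
    for scheme in ("display_name", "object_id"):
        print(scheme, find_gid_collisions(SAMPLE_GROUPS, scheme))
```

Under the display-name scheme the audit reports one GID owned by two object IDs; under the object-ID scheme it reports none.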
Affected Version(s)
himmelblau >= 0.9.0, < 0.9.23