Elevation of Privilege Vulnerability in Microsoft Azure Entra ID
CVE-2025-59246

9.8CRITICAL

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 October 2025

What is CVE-2025-59246?

The vulnerability in Azure Entra ID allows for an elevation of privilege, which can potentially enable unauthorized access to sensitive resources and functionalities. Malicious actors could exploit this vulnerability to gain higher privilege levels within the Azure environment, posing a significant security risk. The potential for unauthorized access emphasizes the need for immediate awareness and mitigation measures to safeguard user accounts and organizational data.

Affected Version(s)

Microsoft Entra Unknown

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-59246 : Elevation of Privilege Vulnerability in Microsoft Azure Entra ID