Post from 2025-09-17 14:58:05
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
"I found the most impactful Entra ID vulnerability that I will probably ever find. This vulnerability could have allowed me to compromise every Entra ID tenant in the world"
permalink
|
main