Risk Scores

Affected Products

Timeline

• Sep 4, 2025 CVE Published
• Sep 5, 2025 EPSS Score
• Sep 5, 2025 Coalition ESS Score
• Sep 5, 2025 Coalition ESS Score
• Sep 5, 2025 PoC Published
• Sep 5, 2025 PoC Published
• Sep 5, 2025 PoC Published
• Sep 6, 2025 Coalition ESS Score
• Sep 8, 2025 Coalition ESS Score
• Sep 9, 2025 Coalition ESS Score
• Sep 12, 2025 EPSS Score
• Sep 13, 2025 Coalition ESS Score

References

• Azure Entra ID Elevation of Privilege Vulnerability vendor-advisory
• https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/ exploit
• https://nvd.nist.gov/vuln/detail/CVE-2025-55241 advisory
• https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens url