Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege

Aug 28, 2023

Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL.
“An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens,” Secureworks Counter Threat Unit (

Get Free Report & Network Analysis

Please check your email for the free report.