Oct 2025: Azure Entra ID Elevation of Privilege Vulnerability
CVE-2025-59246 Published on October 9, 2025
Azure Entra ID Elevation of Privilege Vulnerability
Azure Entra ID Elevation of Privilege Vulnerability
Weakness Type
Missing Authentication for Critical Function
The software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
Products Associated with CVE-2025-59246
Want to know whenever a new CVE is published for Microsoft Entra Id? stack.watch will email you.
Affected Versions
Microsoft Entra Version - is affected by CVE-2025-59246Exploit Probability
EPSS
0.17%
Percentile
38.58%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.