- 10% of the 150,000 SaaS applications on offer could be affected by the Entra ID vulnerability
- It was first disclosed in 2023, but many applications remain affected
- Application vendors must issue fixes, or you may be at risk of account takeover
Semperis has published new research uncovering a severe flaw in Microsoft Entra ID, called nOAuth, whose effects could extend to over 10% of SaaS applications worldwide.
The vulnerability involves a cross-authentication flaw affecting Entra ID integrations: attackers could carry out a full account takeover with only access to an Entra tenant and the victim's email address.
The report explains that the attack is low-complexity and low-effort, and that it even bypasses multi-factor authentication (MFA), conditional access policies and zero-trust security architecture, all of which generally characterize companies with strong cybersecurity postures.
The Entra ID vulnerability could have widespread effects
In addition, attackers can get away without leaving many traces, and the Entra ID vulnerability cannot be defended against without action from the vendor.
Since there are around 150,000 SaaS applications in use worldwide, Semperis suggests that more than 15,000 SaaS applications may be affected.
Once an attacker has gained access to one of the at-risk applications, they can impersonate the victim, access personally identifiable information or exfiltrate data.
Currently, there is no effective way to detect the attack, and prevention is also difficult without the proper fixes from software vendors. Alarmingly, it was first disclosed in 2023, but Semperis' 2025 research shows that it still affects many applications.
Semperis' chief identity architect, Eric Woodruff, said: “Customers have no way to detect or stop the attack, making it a particularly dangerous and persistent threat.”
As such, SaaS vendors are urged to audit and fix affected applications as quickly as possible. The Microsoft Security Response Center has also advised vendors to follow its guidelines or risk being removed from the Entra Gallery.
“We have confirmed that exploitation is still possible in many SaaS applications, making this an urgent call to action. We encourage developers to implement the necessary fixes and to protect their customers before this flaw is exploited further,” added Woodruff.
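
For vendors auditing their own sign-in code, the following added example (not code from Semperis or Microsoft) contrasts an account lookup keyed on the email claim, which the administrator of any Entra tenant can set to an arbitrary value, with one keyed on the issuer and subject claims. It assumes the ID token's signature, audience and expiry were already validated; all tenant names, subject values and addresses are constructed.

```python
# Added illustration: account resolution after an OpenID Connect sign-in.
# Assumption: `claims` comes from an ID token that was already validated.
# Every tenant name, subject value and address below is constructed.

ISS_A = "https://login.microsoftonline.com/tenant-a/v2.0"
ISS_B = "https://login.microsoftonline.com/tenant-b/v2.0"

# The application's user table: one existing customer account.
ACCOUNTS = [
    {"id": 1, "email": "victim@contoso.example", "iss": ISS_A, "sub": "sub-victim"},
]

# Constructed sign-ins: the real user, and a token issued by a different
# tenant that carries the same email value.
VICTIM_LOGIN = {"iss": ISS_A, "sub": "sub-victim", "email": "victim@contoso.example"}
FOREIGN_LOGIN = {"iss": ISS_B, "sub": "sub-other", "email": "victim@contoso.example"}


def resolve_by_email(claims):
    """Vulnerable pattern: the mutable, unverified email claim is the account key."""
    email = claims.get("email", "").lower()
    return next((a for a in ACCOUNTS if a["email"].lower() == email), None)


def resolve_by_subject(claims):
    """Hardened pattern: key on the immutable issuer + subject pair."""
    key = (claims.get("iss"), claims.get("sub"))
    if None in key:
        return None
    return next((a for a in ACCOUNTS if (a["iss"], a["sub"]) == key), None)


def audit(claims):
    """Flag sign-ins where email matching and issuer/subject matching disagree."""
    by_email = resolve_by_email(claims)
    by_subject = resolve_by_subject(claims)
    if by_email is not None and by_subject is None:
        return "REJECT: email matches account %d, issuer/subject do not" % by_email["id"]
    return "OK" if by_subject is not None else "NEW USER"


if __name__ == "__main__":
    for name, claims in (("victim", VICTIM_LOGIN), ("foreign", FOREIGN_LOGIN)):
        print(name, "->", audit(claims))
```

Running the `audit` check over historical sign-in records is one way for a vendor to see whether any existing account was ever matched on email alone.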