UnOAuthorized: A Technique to Privilege Escalation to Global Administrator

Black Hat USA 2024 · Day 1 · Briefing

In the realm of modern cloud identity management, achieving **Global Administrator** privileges within a Microsoft Entra ID (formerly Azure Active Directory) tenant represents the ultimate compromise for an attacker. Eric Woodruff, a Senior Security Researcher at Semperis, presented "UnOAuthorized" at Black Hat USA, a talk detailing a novel technique that allows an attacker with the seemingly scoped **Application Administrator** role to escalate their privileges to Global Administrator equivalent. This research sheds critical light on the often-misunderstood complexities of application registrations and service principals in Entra ID, demonstrating how misconfigurations or overlooked functionalities can create pathways for significant privilege escalation.