Overview
This Black Hat conference talk reveals a novel privilege escalation technique that allows attackers to gain Global Administrator access in Microsoft 365 and Azure environments - the cloud equivalent of Domain Administrator privileges. Explore the research background and foundational components that enable this security vulnerability, then follow a detailed step-by-step walkthrough of how attackers can bypass well-defined role-based access controls and application consent models to achieve the highest level of cloud privileges. Senior Cloud Security Architect Eric Woodruff from Semperis demonstrates this critical security finding, which should concern any organization using Microsoft's cloud services because it represents a significant threat vector that could lead to complete environment compromise.
Syllabus
UnOAuthorized: A Technique to Privilege Escalation to Global Administrator
Taught by
Black Hat