Microsoft Entra ID Entitlement Management SSRF (CVE-2026-35431, CVSS 10.0) — Cloud IAM Attack Surface Disclosed Before Silent Server-Side Fix

A perfect-score SSRF vulnerability in Microsoft Entra ID Entitlement Management allowed unauthenticated network-accessible exploitation of Microsoft's cloud identity governance platform. Microsoft patched it server-side with no customer action required, but the disclosure surfaces a structural question enterprise security teams need to answer: how do you monitor for exploitation of a vulnerability in infrastructure you don't control?

Tags: entra-id, ssrf, cloud-security, iam, azure, zero-trust, microsoft

A server-side request forgery vulnerability in Microsoft Entra ID Entitlement Management has been disclosed with a CVSS 10.0 — the highest possible score. The vulnerability allows unauthenticated, network-accessible exploitation of the Entitlement Management service, the component of Entra ID that governs access request workflows, access package approvals, and periodic access reviews across Azure resources, SharePoint, and Entra-connected applications.

Microsoft applied a server-side fix. Customers are protected; no patches to install, no configuration changes required. The enterprise response to that sentence — “no action needed” — should not be “close the ticket.”

What CVE-2026-35431 Is

Entitlement Management is Entra ID’s access governance layer. It controls which users can request access to which resources, which approvers are notified, and how access is periodically reviewed and revoked. It sits at the centre of how large organisations manage conditional and time-limited access to sensitive resources — Azure resource groups, SharePoint document libraries, security groups, and external partner access.

The SSRF flaw allowed an unauthenticated attacker to cause the Entitlement Management service to issue requests to attacker-controlled or internal Microsoft infrastructure. In a cloud service context, SSRF at this privilege level can expose internal metadata endpoints, authentication tokens, or allow further lateral movement within the cloud provider’s environment.

The perfect CVSS score reflects the combination: unauthenticated, network-exploitable, affecting a component that is a control plane over identity access decisions. Microsoft has not confirmed exploitation in the wild.

Why “No Customer Action Required” Is Not the Same as “No Risk”

Microsoft’s cloud-service patching model addresses the operational reality that millions of customers cannot coordinate simultaneous patches to shared infrastructure. The tradeoff is that customers lose visibility into what changed, when it changed, and whether the vulnerability was exploited before the fix was applied.

For CVE-2026-35431, the exposure window — the period between when the vulnerability was discoverable by an attacker and when Microsoft’s fix was deployed — is not publicly disclosed. That window is where the question of exploitation sits, and it is a question customers cannot answer from their own telemetry.

Organisations relying heavily on Entitlement Management for sensitive access governance should not simply accept the “no action required” statement and move on. The more useful question is: what does an exploitation event look like in Entra ID audit logs, and do we have coverage to detect it?

Detection and Audit Opportunities

Entitlement Management generates audit events in the Entra ID audit log when access packages are modified, access requests are submitted or approved, and when policy changes occur. While customers cannot detect the SSRF channel itself, signs of post-exploitation activity — anomalous access approvals, unexpected external identities added to access packages, unusual modifications to access policies — are visible in audit logs.

Specifically:

  • Review audit logs: In the Entra ID audit log, filter on Identity Governance events for access packages and access policies over the past 30 days, and look for modifications made by service accounts or non-administrative principals.
  • Check Connected Organisations: Look for unexpected external tenant additions in Entitlement Management, which could indicate an attacker using compromised service credentials to onboard a tenant they control.
  • Review privileged role assignments: Check Privileged Identity Management assignments for the Entitlement Management Administrator and Identity Governance Administrator roles; any unexpected additions should be investigated.
  • Review access packages: Verify that access packages granting access to sensitive resources (executive SharePoint, Azure production subscriptions, privileged security groups) have not been modified unexpectedly. Pay particular attention to policy changes affecting external identities.
  • Enable Conditional Access for Entitlement Management administrative roles: Ensure Entitlement Management Administrator role activation requires MFA and is constrained to privileged access workstations.
  • Audit external identity access: Review all active access package assignments for external (B2B guest) users and confirm each assignment is expected and still required.
  • Subscribe to Microsoft Security Response Center advisories: The silent-patch model makes MSRC the primary notification channel for cloud service vulnerabilities. Organisations without MSRC alert subscriptions learn of disclosures like this from media, not from Microsoft.
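As an added example that is not part of the original article, the triage below runs over constructed Microsoft Graph directoryAudit records and implements the first two checks above: Entitlement Management changes inside the 30-day window made by principals outside an approved admin set, and any connected organisation change. The field names follow the Graph directoryAudit resource; the category value "EntitlementManagement", the activity names and the contoso.example principals are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample directoryAudit records (shape of GET /auditLogs/directoryAudits); activity names illustrative.
SAMPLE_RECORDS = [
    {"id": "c1", "category": "EntitlementManagement", "activityDateTime": "2026-04-02T09:15:00Z",
     "activityDisplayName": "Update access package assignment policy",
     "initiatedBy": {"user": {"userPrincipalName": "igov-admin@contoso.example"}, "app": None},
     "targetResources": [{"displayName": "Finance Apps", "type": "AccessPackage"}]},
    {"id": "c2", "category": "EntitlementManagement", "activityDateTime": "2026-04-03T02:41:00Z",
     "activityDisplayName": "Update access package",
     "initiatedBy": {"user": None, "app": {"displayName": "hr-sync-automation"}},
     "targetResources": [{"displayName": "Executive SharePoint", "type": "AccessPackage"}]},
    {"id": "c3", "category": "EntitlementManagement", "activityDateTime": "2026-04-03T02:44:00Z",
     "activityDisplayName": "Create connected organization",
     "initiatedBy": {"user": None, "app": {"displayName": "hr-sync-automation"}},
     "targetResources": [{"displayName": "partner-unknown.example", "type": "ConnectedOrganization"}]},
    {"id": "c0", "category": "EntitlementManagement", "activityDateTime": "2026-01-10T10:00:00Z",
     "activityDisplayName": "Update access package",  # older than the review window, must be skipped
     "initiatedBy": {"user": None, "app": {"displayName": "hr-sync-automation"}},
     "targetResources": [{"displayName": "Finance Apps", "type": "AccessPackage"}]},
]
APPROVED_ADMINS = {"igov-admin@contoso.example"}  # assumption: the tenant's known Entitlement Management admins

def initiator_of(record):
    """UPN of the user, or display name of the app, that made the change."""
    who = record.get("initiatedBy") or {}
    if who.get("user"):
        return who["user"].get("userPrincipalName")
    return (who.get("app") or {}).get("displayName")

def triage(records, approved_admins, now, window_days=30):
    """Flag Entitlement Management changes by unapproved principals, and any connected-organisation change."""
    cutoff = now - timedelta(days=window_days)
    findings = []
    for rec in records:
        if rec.get("category") != "EntitlementManagement":  # assumed category value for this service
            continue
        when = datetime.fromisoformat(rec["activityDateTime"].replace("Z", "+00:00"))
        if when < cutoff:
            continue
        actor, activity = initiator_of(rec), rec.get("activityDisplayName", "")
        reasons = []
        if actor not in approved_admins:
            reasons.append("initiated by principal outside the approved admin set")
        if "connected organization" in activity.lower():
            reasons.append("connected organization changed")
        if reasons:
            findings.append({"id": rec["id"], "actor": actor, "activity": activity, "reasons": reasons,
                             "targets": [t.get("displayName") for t in rec.get("targetResources", [])]})
    return findings
```

Every finding still needs a human to confirm whether the principal is a sanctioned automation account; the script narrows the review, it does not replace it.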

The broader lesson of a CVSS 10.0 disclosure in cloud IAM infrastructure is not that the current fix is insufficient. It is that the cloud security posture visibility gap — the inability to observe what happens inside cloud provider infrastructure — is a permanent feature of the shared responsibility model, not a temporary shortcoming that better tooling will eventually close.
