Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges across the network. The vulnerability arises from a flaw in the authentication process, enabling the attacker to gain higher-level access that would normally require legitimate credentials. This could lead to unauthorized creation or modification of resources, escalation of access rights, and potential compromise of the entire Azure AD tenant infrastructure.

The affected systems are Microsoft Azure Active Directory services. All versions of Azure Active Directory are potentially vulnerable unless otherwise mitigated by a patch or update. No specific version details are provided by the CNA, so the entire Azure AD product family should be considered at risk.

The CVSS score of 10 indicates critical severity, implying that exploitation can lead to complete compromise of authentication controls. The EPSS score is not available, and the vulnerability is not listed in CISA KEV, suggesting that while there is no current public exploitation data, the high CVSS warrants immediate concern. The most likely attack vector is over the network, where an unauthenticated or low-privileged attacker can exploit the authentication flaw to elevate privileges.