- 10% of the more than 150,000 SaaS applications on offer could be affected by the Entra ID vulnerability
- It was first revealed in 2023, but many applications are still affected
- Application vendors must issue patches or risk account takeover
Semperis has published new research that uncovers a severe flaw in Microsoft's Entra ID, called nOAuth, whose effects could reach 10% of SaaS applications worldwide.
The vulnerability is a cross-tenant authentication flaw that affects Entra ID integrations: attackers could carry out a full account takeover with nothing more than access to an Entra tenant and the victim's email address.
The report explains that the attack is low-complexity and low-effort, and that it even bypasses multifactor authentication (MFA), conditional access policies and zero trust security architecture, all of which are generally characteristic of companies with strong cybersecurity postures.
Entra ID vulnerability could have broad effects
In addition, attackers can get away without leaving much of a trace, and the Entra ID vulnerability cannot be defended against without fixes on the vendor side.
Given an estimated 150,000 SaaS applications in use worldwide, Semperis suggests that more than 15,000 SaaS applications could be affected.
Once an attacker gains access to one of the at-risk applications, they can impersonate the victim, obtain access to personally identifiable information, or exfiltrate data.
Currently, there is no effective way to detect the attack, and prevention is also proving troublesome without the correct fixes from software vendors. The flaw was first revealed in 2023, but Semperis's 2025 investigation shows that it still affects many applications.
Semperis's chief identity architect, Eric Woodruff, commented: “Customers have no way to detect or stop the attack, which makes this an especially dangerous and persistent threat.”
As such, SaaS vendors are urged to audit and patch affected applications as quickly as possible. The Microsoft Security Response Center has also advised vendors to follow its guidelines or risk being removed from the gallery.
“We have confirmed that exploitation is still possible in many SaaS applications, which makes this an urgent call to action. We encourage developers to implement the necessary solutions and help protect their customers before this defect is further exploited,” Woodruff added.