A vulnerability was found in Microsoft Account. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization.
This vulnerability is known as CVE-2025-21396. The attack can be launched remotely. There is no exploit available.
This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.