Introduction
A critical flaw in Microsoft Authenticator allows an unauthorized attacker to silently steal a user's work account access token over a network, granting full access to whatever enterprise applications and data that user is authorized to reach. Disclosed on May 14, 2026 with a CVSS base score of 9.6, CVE-2026-41615 turns the very tool organizations rely on for multifactor authentication into a vector for token theft, effectively bypassing the authentication layer it was designed to enforce.
Technical Information
CVE-2026-41615 is classified under CWE-200: Exposure of Sensitive Information to an Unauthorized Actor. The core issue is that Microsoft Authenticator can be manipulated into obtaining and transmitting an access token to an attacker controlled location, without clearly informing the user about the specific access being granted.
Attack Flow
The exploitation chain proceeds as follows:
- Initial contact: The attacker crafts a malicious request that appears to be a legitimate authentication prompt and delivers it to the target user over the network.
- User approval: The victim, believing the request is genuine, approves the authentication prompt on their device.
- Token acquisition: Upon approval, the Authenticator app obtains an access token on the user's behalf for their work account.
- Token exfiltration: The token is silently transmitted to a location controlled by the attacker. The user is not clearly informed about the specific access being granted during this process.
- Post exploitation: The attacker uses the stolen token to access data and services the user is authorized to use, including enterprise applications and data repositories.
CVSS Breakdown
The 9.6 CVSS score reflects several compounding factors:
| Metric | Value | Implication |
|---|---|---|
| Attack Vector | Network | Remote exploitation; no physical or local access needed |
| Privileges Required | None | No prior authorization or access required to initiate the attack |
| User Interaction | Required | The victim must approve a prompt; the exploit cannot be fully automated |
| Scope | Changed | Compromise extends beyond Authenticator to external enterprise resources |
| Confidentiality | High | Complete disclosure of the access token and associated data |
| Integrity | High | Attacker can modify data within authorized services |
| Availability | High | Attacker could disrupt services accessible via the stolen token |
The Scope Change designation is particularly significant here. Microsoft explains that an exploited vulnerability can affect resources beyond the security scope managed by the vulnerable component itself. While Authenticator is the vulnerable application, the stolen token compromises external enterprise applications and data repositories managed by entirely different security authorities. This is what elevates the score from a high severity issue to a critical one.
What We Do Not Know
The current vendor advisory lacks specific details regarding which exact versions of Microsoft Authenticator are vulnerable. Furthermore, the advisory explicitly details remediation for Android devices but omits confirmation of whether iOS versions of the application are equally affected or require similar updates.
Affected Systems and Versions
The vulnerability affects Microsoft Authenticator on Android. The vendor advisory does not specify exact version numbers or version ranges for the vulnerable builds. iOS impact has not been confirmed or denied by Microsoft at this time. Organizations running Microsoft Authenticator on Android devices should treat all unpatched versions as potentially vulnerable until Microsoft provides more granular version guidance.
Mitigation
Microsoft has released an official fix. The recommended remediation actions by platform are:
| Platform | Update Mechanism | Required Action |
|---|---|---|
| Android | Automatic Updates | Users with automatic updates enabled will receive the patch without manual intervention |
| Android | Manual Updates | Users with automatic updates disabled must manually download the latest version via the Google Play Store |
| iOS | Unspecified | Monitor vendor channels for clarification on iOS impact and update requirements |
Compensating Controls
While patching is the primary defense, organizations should layer additional protections:
- Microsoft Entra ID Protection provides capabilities to detect, investigate, and remediate identity based risks. Security teams should enable and monitor these features for anomalous sign in activity.
- Conditional access policies should be enforced to detect potential misuse of stolen tokens, such as sign ins from unexpected locations or devices.
- User awareness training is directly relevant here because the exploit chain requires the victim to approve a malicious authentication prompt. Educating users to deny unexpected or suspicious prompts reduces the likelihood of successful exploitation.
Threat Intelligence
As of the May 14, 2026 disclosure, the Exploit Code Maturity for CVE-2026-41615 is rated as Unproven. Microsoft reports that no publicly available exploit code exists, and any potential exploit remains theoretical at this stage. There is no evidence of active exploitation in the wild, and no specific threat actors have been associated with this vulnerability.
That said, enterprise access tokens are high value targets for advanced persistent threats and initial access brokers. The combination of a network based attack vector, no privileges required, and access to enterprise resources makes this vulnerability an attractive candidate for weaponization. Organizations should treat the current pre exploit window as an opportunity to deploy the fix before functional exploit chains emerge.



