Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
Researchers at BeyondTrust have described a privilege-escalation path in Microsoft Entra ID and Azure in which an attacker uses lesser-known billing roles to gain a foothold inside another organization's tenant. Microsoft treats the behavior as by design rather than as a vulnerability, which is exactly why it deserves attention: nothing will be patched.
The technique rests on a simple mismatch: a guest user, invited for collaboration and holding no administrative role in the host tenant, can still create or transfer an Azure subscription into that tenant, because subscription creation is authorized by the billing account in the guest's home tenant rather than by the directory roles of the tenant that receives it.
Hidden Threat in Azure Guest Access
What makes this particularly concerning is the default configuration: a fresh Entra tenant permits subscriptions to be transferred in by anyone unless an administrator explicitly restricts it, which leaves organizations open to unauthorized reconnaissance, persistence, and further privilege escalation.
The root cause is that Azure billing roles, whether under an Enterprise Agreement (EA) or a Microsoft Customer Agreement (MCA, including pay-as-you-go), form a permission model that runs parallel to Entra directory roles and Azure RBAC and is not checked against either.
MCA roles such as Billing Account Owner or Azure Subscription Creator (or the equivalent EA enrollment roles), assigned in the user's home tenant, let that user create a subscription and place or transfer it into any tenant where they are a guest.

From Guest to Owner: A Dangerous Path to Control
According to the report, BeyondTrust's proof-of-concept attacks show an attacker starting from a free Azure trial tenant, holding a billing role there, accepting a guest invitation into the target tenant, and then creating a subscription that lands in the target tenant with the attacker as its Owner.
That subscription then becomes a foothold for further activity, outside the boundaries administrators expect a guest account to be confined to.
Microsoft has acknowledged this behavior as intended, describing it as a feature for cross-tenant collaboration; the risk is amplified because the restriction is opt-in rather than the default.
The implications are significant. A newly created subscription sits under the tenant root management group, so role assignments made at that root (Owner, User Access Administrator, and similar) are inherited by the subscription and are readable by its Owner; the attacker can therefore enumerate the tenant's top-level administrators and pick high-value accounts to target.
They can also weaken Azure Policy assignments and security settings scoped to their own subscription, suppressing the alerts defenders would otherwise receive, and create user-assigned managed identities, which are registered as service principals in the shared Entra ID directory and provide persistent access.

Additionally, by joining devices such as Azure virtual machines to the tenant, attackers may be able to satisfy device-based Conditional Access policies or land in dynamic group memberships, escalating further.
None of these actions fall within what administrators typically expect of a guest user, which creates a blind spot for Azure teams whose threat models do not account for billing permissions held in other tenants.
For defenders, immediate action is warranted. BeyondTrust recommends setting the tenant's subscription policy so that subscriptions entering (and leaving) the directory are blocked except for a short list of exempted principals, a setting a Global Administrator applies after elevating access; auditing and hardening guest accounts; and monitoring for subscriptions that appear unexpectedly and for security alerts that go quiet.
Tools like BeyondTrust Identity Security Insights can assist by flagging guest-created subscriptions and assessing identity risks.
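To make both sides of this concrete, here is an added example in Python; it is not BeyondTrust's tooling and not a Microsoft client library. It takes role-assignment records in the shape that `az role assignment list --include-inherited` returns and shows, first, what a subscription Owner learns from assignments inherited from the tenant root (the reconnaissance step above) and, second, how a defender flags subscriptions whose direct Owner is a guest user. It also evaluates and builds the ARM subscription-policy resource (`Microsoft.Subscription/policies/default`, with `blockSubscriptionsIntoTenant`, `blockSubscriptionsLeavingTenant` and `exemptedPrincipals`) that the portal's "Subscriptions entering this directory" setting writes. Every user, tenant domain and subscription id below is constructed for illustration, and the API version in the comment is an assumption.

```python
"""Triage helpers for the 'restless guests' subscription path.

Added example, not BeyondTrust's or Microsoft's code. Record shapes mimic the
JSON from `az role assignment list --include-inherited` and `az ad user show`
plus the ARM resource Microsoft.Subscription/policies/default; all users,
domains and subscription ids are constructed.
"""
import json

ROOT_SCOPE = "/"
MG_PREFIX = "/providers/Microsoft.Management/managementGroups/"
HIGH_VALUE_ROLES = {"Owner", "User Access Administrator", "Contributor"}

# Constructed sample: assignments visible from inside the tenant.
ROLE_ASSIGNMENTS = json.loads("""[
 {"principalName": "alice@corp.example", "principalType": "User",
  "roleDefinitionName": "Owner", "scope": "/"},
 {"principalName": "breakglass@corp.example", "principalType": "User",
  "roleDefinitionName": "User Access Administrator", "scope": "/"},
 {"principalName": "mallory_attacker.example#EXT#@corp.example",
  "principalType": "User", "roleDefinitionName": "Owner",
  "scope": "/subscriptions/11111111-1111-1111-1111-111111111111"},
 {"principalName": "bob@corp.example", "principalType": "User",
  "roleDefinitionName": "Owner",
  "scope": "/subscriptions/22222222-2222-2222-2222-222222222222"},
 {"principalName": "deploy-sp", "principalType": "ServicePrincipal",
  "roleDefinitionName": "Reader",
  "scope": "/subscriptions/22222222-2222-2222-2222-222222222222/resourceGroups/rg1"}
]""")

# Constructed directory lookup keyed by UPN (userType as `az ad user show` reports it).
DIRECTORY = {
    "alice@corp.example": {"userType": "Member"},
    "breakglass@corp.example": {"userType": "Member"},
    "mallory_attacker.example#EXT#@corp.example": {"userType": "Guest"},
    "bob@corp.example": {"userType": "Member"},
}


def inherited_root_admins(assignments):
    """Attacker's view: every principal holding a high-value role at the tenant
    root management group or at any management group, i.e. assignments a
    subscription Owner can read because they are inherited downward."""
    found = set()
    for a in assignments:
        scope = a["scope"]
        if scope == ROOT_SCOPE or scope.startswith(MG_PREFIX):
            if a["roleDefinitionName"] in HIGH_VALUE_ROLES:
                found.add((a["principalName"], a["roleDefinitionName"]))
    return sorted(found)


def is_guest(upn, directory):
    """Prefer the directory's userType; fall back to the #EXT# marker that
    Entra stamps on external users' UPNs when no directory record is at hand."""
    entry = directory.get(upn)
    if entry is not None:
        return entry.get("userType") == "Guest"
    return "#EXT#" in upn


def subscription_id(scope):
    """Return the subscription id when the scope is exactly a subscription,
    None for root, management-group, resource-group or resource scopes."""
    parts = scope.split("/")
    if len(parts) == 3 and parts[1] == "subscriptions":
        return parts[2]
    return None


def guest_owned_subscriptions(assignments, directory):
    """Defender's hunt: subscriptions whose direct Owner is a guest user."""
    hits = {}
    for a in assignments:
        sub = subscription_id(a["scope"])
        if sub is None or a["roleDefinitionName"] != "Owner":
            continue
        if a["principalType"] == "User" and is_guest(a["principalName"], directory):
            hits.setdefault(sub, []).append(a["principalName"])
    return hits


def policy_gaps(policy):
    """Findings for a GET of Microsoft.Subscription/policies/default.
    Both flags are false in a fresh tenant, which is the exposure described."""
    props = policy.get("properties", {})
    gaps = []
    if not props.get("blockSubscriptionsIntoTenant", False):
        gaps.append("subscriptions may enter this tenant from any billing account")
    if not props.get("blockSubscriptionsLeavingTenant", False):
        gaps.append("subscriptions may be moved out of this tenant")
    return gaps


def hardened_policy_body(exempted_object_ids):
    """PUT body that blocks transfers in both directions except for the listed
    Entra object ids (api-version 2021-10-01 assumed for the endpoint)."""
    return {"properties": {
        "blockSubscriptionsIntoTenant": True,
        "blockSubscriptionsLeavingTenant": True,
        "exemptedPrincipals": list(exempted_object_ids),
    }}


if __name__ == "__main__":
    print("root admins a subscription owner can see:", inherited_root_admins(ROLE_ASSIGNMENTS))
    print("guest-owned subscriptions:", guest_owned_subscriptions(ROLE_ASSIGNMENTS, DIRECTORY))
    print("policy gaps in a default tenant:", policy_gaps({"properties": {}}))
    print(json.dumps(hardened_policy_body(["00000000-0000-0000-0000-000000000001"]), indent=1))
```

In practice the constructed lists are replaced by the output of `az role assignment list --all --include-inherited -o json` and a directory lookup per UPN; the hardened body is what a Global Administrator with elevated access PUTs to the policy endpoint, with the object ids of the few principals who legitimately move subscriptions between tenants as the exemption list. Note that `is_guest` only falls back to the `#EXT#` heuristic when the directory record is missing, since a member account can in rare cases carry that marker.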
The issue underscores a broader need to revisit threat models around Entra ID guest access, because the default configuration quietly opens a path from guest to subscription Owner.
Because the technique requires nothing more than a free trial tenant and an accepted guest invitation, organizations should lock down subscription transfers and audit their guests now, before these "restless guests" are found holding subscriptions inside their tenants.