Skip to content

AZT507 - External Entity Access#

Adversaries may configure the target Azure tenant to be managed by another, externel tenant, or its users.

ID Name Description Action Resources
AZT507.1 Azure Lighthouse Adversaries may utilize Azure Lighthouse to manage the target tenant from an external tenant. Microsoft.ManagedServices/registrationAssignments/Write AzureAD
AZT507.2 Microsoft Partners Adversaries may use Delegated Administrative Privileges to give themselves administrator access to the target tenant. N/A AzureAD
AZT507.3 Subscription Hijack An adversary may transfer a subscription from a target tenant to an attacker-controlled tenant. N/A Azure Subscription
AZT507.4 Domain Trust Modification An adversary may add an additional identity provider or domain to maintain a backdoor into the tenant. N/A AzureAD