Azure AD bypass via phantom device

- Cyderes researchers said on May 5 they bypassed Microsoft Entra ID Conditional Access in a live enterprise by registering a fake device.
- The test tenant had about 16,000 users, 82,000 devices, and 78 policies — yet one blocked credential still reached a path to Global Admin.
- The story matters because the weak point was trust between device registration, PRTs, Intune, and policy enforcement.

Microsoft Entra ID Conditional Access is supposed to answer a simple question — should this user, on this device, get in? The new research says that answer can be wrong even when the policy looks strict on paper. In an authorized red-team engagement published May 5, Cyderes’ Howler Cell said it took one valid credential that was already blocked by Conditional Access and turned it into a full bypass chain. No company laptop. No malware. Just a fake device, a trusted token path, and a lot of assumptions that held up until someone actually tested them. (cyderes.com)

### What is the “phantom device” trick?

Basically, the attackers registered a device that did not really meet the normal expectations of a managed corporate machine. Cyderes says Microsoft Entra’s Device Registration Service validated the token presented to it, but did not verify that the caller was an actual Win[…]ice and received an Entra device certificate and key material anyway. (cyderes.com)

### Why does device registration matter so much?

Because device identity is one of the pillars Conditional Access leans on. If Entra thinks a session comes from a known, joined, or compliant device, later access decisions inherit that trust. Microsoft’s own documentation treats device registration as a prerequisi[…]al. (learn.microsoft.com)

### Where does the PRT come in?

A Primary Refresh Token is the long-lived token that helps joined devices do single sign-on. In normal life, that is convenience. In the wrong hands, it becomes proof that a device-and-user combo is trusted. Older research already showed that PRT-backed sessions can sat[…]new twist is getting that trust chain without a real managed endpoint in the first place. (dirkjanm.io)

### So what actually failed?

Not one single product. That is the uncomfortable part. Cyderes describes a chain: device registration that was reachable, a phantom device that looked legitimate enough, PRT minting off that device identity, and Intune compliance logic that treated missing health attestation as “not applicable” i[…]et an unmanaged machine inherit managed-device trust. (cyderes.com)

### Didn’t Conditional Access stop this?

Only if the right policies were actually enforced. Cyderes says two tenant policies already existed but were left in report-only mode: one to block device code flow and one to require MFA for device registration. Microsoft explicitly recommends blocking device code flow wh[…]egister or join devices. Report-only is useful for testing — but it is not protection. (cyderes.com)

### Why is this worse than a normal login bypass?

Because it turns identity control into infrastructure access. In the engagement, one enterprise app package exposed an internal UNC path, which gave away server names and admin-share structure. From there, the team mapped an on-prem-to-cloud privilege escalation r[…]ne weak trust edge unraveled the tenant.” (cyderes.com)

### What should defenders take from this?

Treat Conditional Access as a system, not a policy screen. The real control surface includes device registration, MFA at join time, token protection, Intune compliance semantics, and whether risky flows are merely observed or actually blocked. If your design assumes “requ[…]atters if the device and token proving it are real. (cyderes.com)

### Bottom line?

The news here is not that Entra has one magic bug. It is that modern identity stacks can be bypassed at the seams. If an attacker can mint trust without owning a real endpoint, Conditional Access stops being conditional in the way most architects think it is. (cyderes.com)
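The report-only finding above is the kind of gap a tenant can check for mechanically. The script below is an added example, not code from Cyderes or Microsoft: it takes Conditional Access policy objects in the shape that Microsoft Graph returns from `GET /identity/conditionalAccess/policies` (the `value` array), classifies the ones that guard the two trust edges the article names (blocking device code flow via the `authenticationFlows.transferMethods` condition, and requiring MFA for the `urn:user:registerdevice` user action), and reports any edge that has no policy in the `enabled` state. The sample policies are constructed to mirror the two report-only policies described in the engagement; fetching the live list from Graph is left to whatever tooling the tenant already uses.

```python
"""Audit Microsoft Entra Conditional Access policies for report-only gaps.

Added example, not from the Cyderes write-up or from Microsoft. It assumes
policy objects have the shape Microsoft Graph returns from
GET /identity/conditionalAccess/policies; the sample policies below are
constructed to mirror the two report-only policies the article describes.
"""
from __future__ import annotations

REPORT_ONLY = "enabledForReportingButNotEnforced"   # Graph 'state' value for report-only
DEVICE_REGISTRATION_ACTION = "urn:user:registerdevice"  # "Register or join devices" user action
TRACKED_EDGES = ("device-code-flow-block", "device-registration-mfa")


def _transfer_methods(policy: dict) -> set[str]:
    """authenticationFlows.transferMethods is a comma-separated flag string in Graph."""
    flows = (policy.get("conditions") or {}).get("authenticationFlows") or {}
    raw = flows.get("transferMethods") or ""
    return {m.strip() for m in raw.split(",") if m.strip()}


def _user_actions(policy: dict) -> set[str]:
    apps = (policy.get("conditions") or {}).get("applications") or {}
    return set(apps.get("includeUserActions") or [])


def _grant_controls(policy: dict) -> set[str]:
    return set((policy.get("grantControls") or {}).get("builtInControls") or [])


def classify(policy: dict) -> str | None:
    """Return the trust edge this policy guards, or None if it is not one we track."""
    if "deviceCodeFlow" in _transfer_methods(policy) and "block" in _grant_controls(policy):
        return "device-code-flow-block"
    if DEVICE_REGISTRATION_ACTION in _user_actions(policy) and "mfa" in _grant_controls(policy):
        return "device-registration-mfa"
    return None


def audit(policies: list[dict]) -> dict[str, dict]:
    """Per edge: is any policy enforced, and which ones sit in report-only or disabled state."""
    result = {edge: {"enforced": False, "report_only": [], "disabled": []} for edge in TRACKED_EDGES}
    for policy in policies:
        edge = classify(policy)
        if edge is None:
            continue
        name = policy.get("displayName") or policy.get("id") or "<unnamed>"
        state = policy.get("state")
        if state == "enabled":
            result[edge]["enforced"] = True
        elif state == REPORT_ONLY:
            result[edge]["report_only"].append(name)
        else:
            result[edge]["disabled"].append(name)
    return result


def findings(policies: list[dict]) -> list[str]:
    """One line per tracked edge that no enforced policy covers; empty list means no gap."""
    out = []
    for edge, info in audit(policies).items():
        if info["enforced"]:
            continue
        if info["report_only"]:
            out.append(f"{edge}: only report-only policies ({', '.join(info['report_only'])})")
        elif info["disabled"]:
            out.append(f"{edge}: only disabled policies ({', '.join(info['disabled'])})")
        else:
            out.append(f"{edge}: no policy at all")
    return out


# Constructed sample input: the two report-only policies from the article plus an
# unrelated enforced policy, which the audit correctly ignores.
SAMPLE_POLICIES = [
    {
        "id": "p1", "displayName": "Block device code flow", "state": REPORT_ONLY,
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    },
    {
        "id": "p2", "displayName": "Require MFA to register or join devices", "state": REPORT_ONLY,
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeUserActions": [DEVICE_REGISTRATION_ACTION]},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
    },
    {
        "id": "p3", "displayName": "Require MFA for all users", "state": "enabled",
        "conditions": {
            "users": {"includeUsers": ["All"]},
            "applications": {"includeApplications": ["All"]},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
    },
]

if __name__ == "__main__":
    for line in findings(SAMPLE_POLICIES):
        print(line)
```

Run against the sample, it reports both edges as covered only by report-only policies; flipping those two policies to `enabled` clears both findings. The check is deliberately narrow: it says nothing about scoping exclusions or other controls, only whether a policy for each edge is enforced at all, which is the distinction the engagement turned on.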

Shared from Scout.