CVE-2025-54781
August 01, 2025
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative operations for the Intune host device (though the API for these operations is undocumented). This is fixed in version 1.1.0. To workaround this issue, ensure that Himmelblau debugging is disabled.
Affected Packages
https://github.com/himmelblau-idm/himmelblau.git (GITHUB):
Affected version(s) >=0.0.1 <1.1.0Fix Suggestion:
Update to version 1.1.0Related ResourcesĀ (3)
Do you need more information?
Contact UsCVSS v4
Base Score:
2.4
Attack Vector
LOCAL
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
HIGH
User Interaction
PASSIVE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
NONE
Vulnerable System Availability
NONE
Subsequent System Confidentiality
LOW
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
2.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE
Weakness Type (CWE)
Insertion of Sensitive Information into Log File
EPSS
Base Score:
0.01
