Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative operations for the Intune host device (though the API for these operations is undocumented). This is fixed in version 1.1.0. To workaround this issue, ensure that Himmelblau debugging is disabled.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 05 Aug 2025 21:30:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Himmelblau-idm Himmelblau-idm himmelblau | |
| Vendors & Products | Himmelblau-idm Himmelblau-idm himmelblau | 
Mon, 04 Aug 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Fri, 01 Aug 2025 23:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. When debugging is enabled for Himmelblau in version 1.0.0, the himmelblaud_tasks service leaks an Intune service access token to the system journal. This short-lived token can be used to detect the host's Intune compliance status, and may permit additional administrative operations for the Intune host device (though the API for these operations is undocumented). This is fixed in version 1.1.0. To workaround this issue, ensure that Himmelblau debugging is disabled. | |
| Title | Himmelblau leaks an Intune service access token in its logs | |
| Weaknesses | CWE-532 | |
| References |  | |
| Metrics | cvssV3_1 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: GitHub_M
Published: 2025-08-01T23:35:23.713Z
Updated: 2025-08-04T15:26:00.494Z
Reserved: 2025-07-29T16:50:28.391Z
Link: CVE-2025-54781
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-08-04T15:25:57.739Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-08-02T00:15:25.740
Modified: 2025-08-04T15:06:15.833
Link: CVE-2025-54781
 Redhat
                        Redhat
                    No data.