Security Research · M42 Labs

Building secure IAM & PAM by day. Testing boundaries by night.

We are deeply knowledgeable engineers who push the boundaries of the systems we implement. By understanding Microsoft Entra ID, Intune, BeyondTrust, and other IAM/PAM platforms beyond what the documentation tells us, we uncover vulnerabilities and build more secure environments for our clients.

View our CVEs Contact us

Who We Are

Security research, driven by engineering.

Modern 42 Labs is the security research division of Modern 42. Our team combines deep expertise in IAM and PAM technologies with a passion for understanding how they work at a fundamental level.

Security Experts

Specialised in discovering and responsibly disclosing vulnerabilities in enterprise security systems.

Engineering Excellence

Our engineers don't just use technology — we understand how it works at the deepest levels.

Research Driven

Continuous research into IAM, PAM, authentication systems, and access control mechanisms.

Featured Discovery

Latest Security Research

Our most recent vulnerability discovery in Microsoft's enterprise identity platform.

m42-labs — advisory/latest.vuln

labs@m42:~/advisories $ cat latest.vuln

---

CVE-2025-XXXXX

Important

target: Microsoft Entra ID

discovered: May 2025

class: Authentication Bypass

Microsoft Entra ID Multi-Factor Authentication Bypass

A critical authentication bypass vulnerability in Microsoft Entra ID that allows attackers to circumvent multi-factor authentication mechanisms under specific conditions. This vulnerability affects enterprise deployments and could lead to unauthorised access to protected resources.

# Impact

Complete MFA and device compliance bypass, unauthorised access to protected resources

# Status

Responsibly Disclosed to Microsoft Security Response Center

cat ./details.txt

Work with Modern 42

Need expert IAM/PAM implementation, security consulting, or custom development? Our talented engineering team is ready to help.

Get in touch Explore careers