Azure API Vulnerabilities Leak VPN Keys and Built-In Roles Allow Over-Privileged Access

Service-specific roles inadvertently granted far broader permissions and provide the equivalent of full read access across entire Azure subscriptions than their names and descriptions suggest.