Privilege Escalation
critical privilege-escalation
Attacker elevates their access rights to gain higher-level permissions
Elevation of Privilege
MITRE ATT&CK techniques
| ID | Name | Tactic |
|---|---|---|
| T1068 | Exploitation for Privilege Escalation | Privilege Escalation |
| T1548 | Abuse Elevation Control Mechanism | Privilege Escalation |
Common Weakness Enumeration
Mitigating controls
ctrl-privesc-1 - Implement principle of least privilege
ctrl-privesc-2 - Regularly patch and update systems
ctrl-privesc-3 - Monitor for suspicious privilege changes
ctrl-privesc-4 - Use privileged access management (PAM) solutions
ctrl-privesc-5 - Disable unnecessary SUID/SGID binaries