Privilege escalation

(also privilege elevation)

Privilege escalation definition

Privilege escalation is the exploitation of a system vulnerability, misconfiguration, or design flaw to gain unauthorized access to resources and functionality normally restricted to users with higher privileges. It takes two forms: horizontal privilege escalation, where an attacker gains the same level of access as another user, and vertical privilege escalation, where an attacker elevates their own access level to that of a more privileged user, such as an administrator.

See also: zero day, two-factor authentication, administrative privileges

Privilege escalation examples

  • Horizontal privilege escalation: An attacker gains unauthorized access to another user's email account, allowing them to read and send emails as the victim.
  • Vertical privilege escalation: An attacker exploits a software vulnerability to gain administrator-level access to a system, allowing them to install malicious software or exfiltrate sensitive data.
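The two cases map to two separate server-side checks: a privilege-level check (vertical) and an ownership check (horizontal). The following is an added example, not part of the original page; the role names, the `Request` fields and the policy that only admins may act on other accounts' resources are assumptions made for illustration.

```python
from dataclasses import dataclass

# Role ranks are assumed for this example; a higher number means more privilege.
ROLE_RANK = {"user": 1, "admin": 2}

@dataclass(frozen=True)
class Request:
    actor: str           # authenticated account making the request
    actor_role: str      # role assigned to that account
    resource_owner: str  # account that owns the target resource
    required_role: str   # minimum role the requested action needs

def authorize(req: Request) -> str:
    """Return 'allow', or which kind of escalation the request would be."""
    actor_rank = ROLE_RANK.get(req.actor_role, 0)  # unknown role: no privilege
    needed_rank = ROLE_RANK.get(req.required_role, float("inf"))  # unknown: deny
    # Vertical: the action needs a higher privilege level than the actor holds.
    if actor_rank < needed_rank:
        return "deny:vertical"
    # Horizontal: privilege level is sufficient, but the resource belongs to
    # another account. Assumed policy: only admins may act on others' resources.
    if req.actor != req.resource_owner and actor_rank < ROLE_RANK["admin"]:
        return "deny:horizontal"
    return "allow"

def summarize(requests):
    """Count decisions so denied attempts can be reviewed by type."""
    counts = {"allow": 0, "deny:horizontal": 0, "deny:vertical": 0}
    for req in requests:
        counts[authorize(req)] += 1
    return counts

# Constructed sample requests (not real log data).
SAMPLE = [
    Request("alice", "user", "alice", "user"),       # own mailbox
    Request("alice", "user", "bob", "user"),         # another user's mailbox
    Request("alice", "user", "alice", "admin"),      # admin-only action
    Request("carol", "admin", "bob", "user"),        # admin acting on a user's data
    Request("mallory", "guest", "mallory", "user"),  # role not in ROLE_RANK
]

if __name__ == "__main__":
    for r in SAMPLE:
        print(f"{r.actor:8} -> {r.resource_owner:8} needs {r.required_role:5}: {authorize(r)}")
    print(summarize(SAMPLE))
```

Unknown roles and unknown requirements are both denied, so a missing entry in the role table fails closed rather than granting access.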

Preventing privilege escalation

  • Keep software and operating systems up to date with the latest patches and security updates.
  • Implement the principle of least privilege, granting users only the access they need to perform their job functions.
  • Utilize strong authentication methods, such as multi-factor authentication.
  • Regularly audit user accounts and permissions, and remove unnecessary privileges or inactive accounts.