Back to glossary

Privilege Escalation

The act of exploiting a bug, design flaw, or configuration error in an operating system or software application to gain elevated access to resources that are normally protected.

Categorysecurity

Overview

Privilege escalation is a key step in many cyberattacks. An attacker typically starts with a low-privileged account and then uses various techniques to gain administrative or 'root' access.

Types

  • Vertical Privilege Escalation: Gaining higher-level permissions (e.g., moving from a standard user to an admin).
  • Horizontal Privilege Escalation: Gaining the permissions of another user at the same level (e.g., accessing another user's private files).

Prevention

  • Patching: Fixing vulnerabilities that allow for escalation.
  • Principle of Least Privilege: Limiting the permissions of all accounts.
  • System Hardening: Disabling unnecessary services and securing configurations.

Related Terms

Privileged Access ManagementBuffer Overflow