What is privilege escalation?
D2 · Threats · CompTIA Security+ SY0-701
Privilege escalation is the act of gaining more access or permissions than originally authorized.
🔼 Vertical privilege escalation: gaining higher privileges (e.g., a regular user becomes admin/root). More dangerous.
↔️ Horizontal privilege escalation: accessing another user's data at the same privilege level (e.g., viewing another user's account).
Common methods: exploiting unpatched vulnerabilities, misconfigured sudo rules, SUID binaries, credential theft.
After initial access, attackers almost always attempt privilege escalation. Defenses: least privilege, patch management, privileged access workstations (PAWs), and monitoring for unusual sudo/admin activity.