In simple terms, privilege escalation means a user can access privileges of another user or an admin user. This can be categorized as ‘Horizontal Privilege Escalation’ and ‘Vertical Privilege Escalation’. In horizontal privilege escalation, a user is able to access another user’s account and privileges, whereas in vertical privilege escalation, a lower-level user is able to access the privileges of a higher-level user or typically an admin user.
Privilege escalation attack can be executed by either of the three methods given below:
If an attacker gets admin-level privileges, he will be able to :
You can prevent privilege escalation in the following ways -