Privilege Escalation Vulnerability

What is the attack?

In simple terms, privilege escalation means a user can access privileges of another user or an admin user. This can be categorized as ?Horizontal Privilege Escalation? and ?Vertical Privilege Escalation?. In horizontal privilege escalation, a user is able to access another user?s account and privileges, whereas in vertical privilege escalation, a lower-level user is able to access the privileges of a higher-level user or typically an admin user.

Privilege escalation attack can be executed by either of the three methods given below:

  • Privilege Escalation by compromising session:In this method the session of an admin user is intercepted and reused by another user, either admin or non-admin. This results in the interception of the hacked use?d identity.
  • Privilege Escalation by parameter manipulation:An attacker can intercept requests and responses and manipulate many parameters to change the privilege.

Impact of Privilege Escalation

If an attacker gets admin-level privileges, he will be able to :

  • Enter the organization?s IT infrastructure
  • Modify the permissions in order to delete or steal data
  • Add or delete users
  • Gain access to system files and cause disruption in the operations
  • Create backdoors for future attacks
  • Crash the website

How to prevent Privilege Escalation?

You can prevent privilege escalation in the following ways -

  • User?s privilege role?s checks should be performed on server side
  • Sensitive data and session-related data should be kept on server side
  • Cookies used for the session should be tamper-proof
  • Data sent to the client should be encrypted
  • Server should check for valid session token
CSRF attack