Exploitation for Privilege Escalation
Info
ID: AT-DC004
Tactic: Deepening Control
Sub-techniques: CPU and GPU exploitation, Capabilities Abuse, Kernel Exploitation, SUID and GUID Abuse, Symlink Attack, TOCTOU
Adversaries may exploit weaknesses in user or service-level permissions to elevate their rights, often granting them broad powers over the application or underlying infrastructure. Common methods include abusing Linux capabilities, hijacking SUID binaries, or leveraging kernel vulnerabilities to move from container scope to host scope. Gaining elevated privileges allows attackers to disable security mechanisms, read or modify restricted data, and orchestrate wider intrusions.
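A defender-side check for the capability exposure described above, added here as an example and not part of the original entry: it parses the capability masks from /proc/<pid>/status text and reports high-risk capabilities that are effective, or that remain in the bounding set and so could be regained through a set-uid or file-capability binary. The choice of "high-risk" capabilities and the sample status texts are assumptions constructed for this example.

```python
import re

# Bit numbers from linux/capability.h. Which capabilities count as
# "high risk" is an assumption of this example, not a list from the page.
HIGH_RISK = {
    2: "CAP_DAC_READ_SEARCH",
    16: "CAP_SYS_MODULE",
    17: "CAP_SYS_RAWIO",
    19: "CAP_SYS_PTRACE",
    21: "CAP_SYS_ADMIN",
    39: "CAP_BPF",
}

CAP_LINE = re.compile(r"^Cap(Eff|Prm|Bnd):\s*([0-9a-fA-F]{16})\s*$", re.M)

def parse_cap_sets(status_text):
    """Return e.g. {'Prm': int, 'Eff': int, 'Bnd': int} from status text."""
    return {name: int(mask, 16) for name, mask in CAP_LINE.findall(status_text)}

def high_risk_caps(mask):
    """Names of high-risk capabilities whose bit is set in mask."""
    return sorted(name for bit, name in HIGH_RISK.items() if mask >> bit & 1)

def audit(status_text):
    sets = parse_cap_sets(status_text)
    if "Eff" not in sets:
        raise ValueError("no CapEff line found")
    return {
        # Held right now by the process.
        "effective": high_risk_caps(sets["Eff"]),
        # Not held, but still in the bounding set: obtainable by executing
        # a set-uid-root or file-capability binary unless no_new_privs is set.
        "reachable": high_risk_caps(sets.get("Bnd", 0) & ~sets["Eff"]),
    }

# Constructed samples (not captured from a real system).
DEFAULT_STATUS = ("Name:\tapp\nCapPrm:\t00000000a80425fb\n"
                  "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n")
PRIVILEGED_STATUS = ("Name:\tagent\nCapPrm:\t000001ffffffffff\n"
                     "CapEff:\t000001ffffffffff\nCapBnd:\t000001ffffffffff\n")
UNPRIV_USER_STATUS = ("Name:\tworker\nCapPrm:\t0000000000000000\n"
                      "CapEff:\t0000000000000000\nCapBnd:\t00000000a82425fb\n")

if __name__ == "__main__":
    for label, text in [("default", DEFAULT_STATUS),
                        ("privileged", PRIVILEGED_STATUS),
                        ("unprivileged user", UNPRIV_USER_STATUS)]:
        print(label, audit(text))
```

On a live host the same functions can be fed the contents of /proc/<pid>/status for each container process; an empty "reachable" list is what dropping capabilities from the bounding set should produce.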