7 Elevation of Privilege

Elevation of Privilege is when a user can execute something at a level of privilege superior to the one they should have, meaning they can acquire additional access rights or permissions or even take on the role of a different user. The ultimate goal is to have complete control of a system. This is called vertical privilege escalation, and there is also another type called horizontal privilege escalation. In horizontal privilege escalation, instead of taking on a role with a higher level of privilege, you take on the role of another user with the same level of permission as you but you can now access systems, functions, and data they can access. For example, you are logged in to your bank and, through horizontal privilege ...

Get Threat Modeling Gameplay with EoP now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Threat Modeling Gameplay with EoP by Brett Crawley

7

Elevation of Privilege

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly