Technique: Abuse Elevation Control Mechanism

ID: T1548

Export to Word

Description

Adversaries may circumvent mechanisms designed to control elevate privileges to gain higher-level permissions. Most modern systems contain native elevation control mechanisms that are intended to limit privileges that a user can perform on a machine. Authorization has to be granted to specific users in order to perform tasks that can be considered of higher risk.(Citation: TechNet How UAC Works)(Citation: sudo man page 2018) An adversary can perform several methods to take advantage of built-in control mechanisms in order to escalate privileges on a system.(Citation: OSX Keydnap malware)(Citation: Fortinet Fareit)

Threat-Mapped Scoring

Threat Score: 0.0
Industry:
Threat Priority: Unclassified

ATT&CK Kill Chain Metadata

Malware

← Back to Home ← Back to TTP Search