ORSYS le mag 2025 logo

The training and skills medium

Home > Cybersecurity glossary > Elevation of privileges

Elevation of privileges

A elevation of privileges (or privilege escalation) is a technique used in cyber security to obtain a higher level of access or control than that initially authorised on a computer system. It allows an attacker or malicious user to move from an account or process with low privileges (e.g. standard user) to an account or process with high privileges (e.g. administrator), root or kernel access).

 

Types of privilege elevation

 

Vertical :

  • Change from a low privilege level to a higher one (e.g. standard user → administrator).
  • Example : Exploiting a vulnerability to execute code with root.

Horizontal :

  • Access to another user's privileges at the same level (e.g. usurping the rights of another standard user).
  • Note Some experts do not consider this to be a "real" elevation of privileges.

Google - Noto Color Emoji 15.0 (Animated) How it works

 

Common causes :

  • Software vulnerabilities (e.g. buffer overflow, poor permissions management).
  • Incorrect system configuration (e.g. system files that can be written to by anyone).
  • Social engineering (e.g. : phishing to retrieve admin credentials).

Common techniques :

  • Exploitation of kernel vulnerabilities (kernel exploits).
  • Abuse of legitimate mechanisms (e.g. : DLL hijackingabuse of rights sudo).
  • Use of malicious scripts or tools (e.g. : Mimikatz to steal passwords from memory).

💥 Consequences

  • Unauthorised access Total control of the system, installation of malware (e.g. : rootkits, ransomware).
  • Persistence Maintaining long-term access (e.g. creating hidden admin accounts).
  • Data infiltration Theft of sensitive or critical information.

Prevention

  1. Apply patches Update systems and software to correct known vulnerabilities.
  2. Principle of least privilege limit user and process rights to what is strictly necessary.
  3. Monitoring Use anomaly detection tools (e.g. : SIEMaudit of logs).
  4. Hardening systems :
    • Disable unnecessary services.
    • Use security mechanisms such as SELinux or AppArmor.
  5. User training Social engineering: raise awareness of the risks of social engineering.

👉 Famous examples

 

  • Dirty COW (2016): Linux vulnerability allowing elevation of privileges via the kernel.
  • EternalBlue (2017): Windows exploit used by WannaCry to spread ransomware.
Back to Glossary

field of training

Cybersecurity

associated training

Systems and network security, level 1

Hacking and security, level 1

Information systems security, summary

BEST

Towards the ORSYS Cyber Academy: a free space dedicated to cybersecurity