https://DevOpsCloud.io -- Cloud Monk Losang Jinpa, Ph.D., MCSE/MCT, GitOps DevOps Engineer

Privilege Escalation refers to the process of gaining higher levels of access or permissions than initially granted, often to gain unauthorized access to resources or perform actions beyond one's intended scope. This can occur through various methods, including exploiting system vulnerabilities or misconfigurations.

• Vertical Privilege Escalation: Involves gaining higher privileges within the same user role or account, such as a standard user gaining administrative rights. This type is common when attackers exploit vulnerabilities to elevate their user permissions.
• Horizontal Privilege Escalation: Involves accessing resources or permissions assigned to other users with the same privilege level. This type may involve accessing or manipulating data belonging to other users without increasing the attacker's privilege level.

• Exploiting Vulnerabilities: Attackers exploit security flaws or bugs in software to gain elevated privileges. This could involve buffer overflows, code injection, or other weaknesses that can be manipulated.
• Misconfigured Permissions: Privilege escalation can occur when system or file permissions are not correctly configured, allowing unauthorized users to gain access to sensitive resources.
• Social Engineering: Attackers may trick users or administrators into revealing their credentials or performing actions that inadvertently escalate privileges.

• Least Privilege Principle: Ensures users have the minimum level of access necessary to perform their tasks. Limiting privileges reduces the potential impact of any unauthorized access.
• Regular Updates and Patch Management: Keeping software and systems updated helps close known vulnerabilities that could be exploited for privilege escalation.
• Security Audits and Monitoring: Regularly auditing system configurations and monitoring user activities can help detect and prevent unauthorized privilege escalations.

• User Account Management: Implement strong controls over user account creation, modification, and deletion. Use multi-factor authentication (MFA) where possible to enhance security.
• Access Control Lists (ACLs): Properly configure ACLs to ensure users have appropriate permissions. Regularly review and update access controls to maintain security.

• https://en.wikipedia.org/wiki/Privilege_escalation
• https://www.csoonline.com/article/3258977/what-is-privilege-escalation-how-to-protect-your-network.html
• https://www.sans.org/white-papers/41833/