Glossary · Security testing
What is Privilege Escalation?
Also known as: PrivEsc, Elevation of Privilege
Privilege escalation is the act of gaining higher access than you started with, such as moving from a standard user to an administrator. It is a key step in most attack paths, letting an intruder turn a limited foothold into broad control. It is mitigated primarily by least privilege and regular access reviews.
Key takeaways
- Privilege escalation means obtaining higher access than originally granted, such as user to admin.
- It is a pivotal step that turns a limited foothold into broad control within an attack path.
- It comes in two forms: vertical (higher privilege level) and horizontal (another account's access).
- Least privilege and regular access reviews are the primary mitigations.
What is privilege escalation?
Privilege escalation is what happens when an attacker who has gained limited access finds a way to obtain more. A foothold as an unprivileged user is rarely the end goal; escalating to administrator, root, or a powerful cloud role is what unlocks sensitive data and control over systems.
It is one of the most important steps in any attack path, because it converts a minor compromise into a serious one. It also appears as a dedicated tactic in MITRE ATT&CK, reflecting how central it is to real intrusions.
Vertical and horizontal escalation
Privilege escalation takes two broad forms. Vertical escalation moves to a higher privilege level, such as a standard user becoming an administrator. Horizontal escalation moves sideways into another account or identity at the same level, which can still expose data the attacker should not see and often sets up a further vertical jump.
Common avenues include misconfigured permissions, vulnerable software running with high privileges, exposed credentials, and overly broad cloud IAM roles. In cloud environments especially, excessive identity permissions are a frequent route.
- Vertical: gaining a higher privilege level (user to admin/root)
- Horizontal: taking over a peer account or identity
- Common causes: misconfigurations, exposed credentials, vulnerable privileged software
- Cloud-specific: overly broad IAM roles and trust relationships
Mitigating privilege escalation and proving it
The primary defense is least privilege: granting each identity only the access it genuinely needs, so a compromised account yields little. Regular access reviews catch accumulated or excessive permissions before an attacker can abuse them, and zero trust principles limit implicit privilege.
Validating these defenses is where testing comes in. Breach and attack simulation can emulate escalation techniques to confirm they are detected or blocked, turning the control from a stated policy into demonstrated, ongoing evidence.
Frequently asked questions
- What is the difference between vertical and horizontal privilege escalation?
- Vertical escalation moves to a higher privilege level, such as user to administrator. Horizontal escalation moves sideways into another account at the same level, which can still expose unauthorized data or enable a later vertical jump.
- How does least privilege reduce privilege escalation risk?
- Least privilege grants each identity only the access it truly needs, so a compromised account provides little to escalate from. It shrinks both the value of any single foothold and the paths available for escalation.
- How does privilege escalation fit into an attack path?
- It is usually the step that converts a limited foothold into broad control. Combined with lateral movement, escalation lets an attacker chain from an initial entry point to high-value targets.