Discover the definition of the term Elevation Of Privileges presented by Les Assises de la Cybersécurité.

ELEVATION OF PRIVILEGES

During a computer attack, when the attacker manages to execute code on the targeted machine, it is often with the same rights as the resource through which it was able to execute its code. If, for example, a user has clicked on a link or opened a booby-trapped attachment, then the malicious program will have the same rights as that user. If it is another process (a web server, for example), then the malicious code will be limited to the rights of that process. However, these rights are not always sufficient to achieve the attacker's objective (which is what the defenders are looking for!). An elevation of privilege therefore enables the hacker to "gain" higher rights by exploiting a new local vulnerability in order to continue his attack.

A hacker who loves social justice will refuse to elevate his privileges as a matter of principle. But he won't go as far...

Assises page pushes

About Les Assises

Les Assises de la cybersécurité are a unique opportunity to discuss current and future cyber issues.
Go to the Assises one-to-one concept page

Excellence & Networking by DG Consultants

One to One events by DG Consultants : essential meeting places that combine business meetings, operational & strategic excellence, and networking opportunities in exceptional venues
Access Les Assises of cybersecurity glossary

Cyber Glossary | Les Assises

Les Assises de la Cybersécurité, France's must-attend cybersecurity event, provides definitions of the technical terms you need to know.
Dns (Domain Name System) | Cyber Glossary
Endpoint | Cyber Glossary