Exploitation for Privilege Escalation (Windows)


Adversaries may exploit software vulnerabilities in an attempt to elevate privileges. Exploitation of a software vulnerability occurs when an adversary takes advantage of a programming error in a program, service, or within the operating system software or kernel itself to execute adversary-controlled code. Security constructs such as permission levels will often hinder access to information and use of certain techniques, so adversaries will likely need to perform privilege escalation to include use of software exploitation to circumvent those restrictions.

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable.ioAdvanced Network ScanWindows machinesUnauthenticated or Authenticated ScanAnyVulnerabilities

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Privilege Escalation

Platform: Windows

Products Required: Tenable.io

Tenable Release Date: 2022 Q3