MITRE ATT&CK — FreeIntelHub

T1548 — Abuse Elevation Control Mechanism (Privilege Escalation)

Clear filter

65 articles found

Zero Day Initiative CVE Linux Mar 16

ZDI-26-191: (Pwn2Own) Linux Kernel nf_tables Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to exec...

T1548 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE VMware Mar 16

ZDI-26-190: (Pwn2Own) VMware Workstation PVSCSI Heap-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability t...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE VMware Mar 16

ZDI-26-189: (Pwn2Own) VMware ESXi VMXNET3 Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execu...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE VMware Mar 16

ZDI-26-188: (Pwn2Own) VMware ESXi VMCI Integer Underflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware ESXi. An attacker must first obtain the ability to execu...

T1548 T1068 1 IOC

Zero Day Initiative →

Cisco Advisories Vulnerability Disclosure Apple Cisco Mar 11

Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on an underlying operating system ...

T1548

Cisco Advisories →

Zero Day Initiative CVE Fortinet Mar 10

ZDI-26-186: Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient. An attacker must first obtain the ability...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-184: Microsoft Windows NDIS Driver Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-183: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-182: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-181: Microsoft Windows win32full Improper Release Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-180: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-179: Microsoft Windows win32kfull Improper Locking Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Microsoft Mar 10

ZDI-26-178: Microsoft Windows cdd Improper Locking Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Mar 10

ZDI-26-177: Array Networks MotionPro ArrayInstallManager Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Array Networks MotionPro. An attacker must first obtain the abi...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Docker Mar 6

ZDI-26-152: Docker Desktop Docker Plugins Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Docker Desktop. An attacker must first obtain the ability to ex...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Mar 3

ZDI-26-148: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploi...

T1548 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Mar 3

ZDI-26-147: Trend Micro Apex Central Improper Authentication Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro Apex Central. Authentication is required to exploi...

T1548 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Mar 3

ZDI-26-143: Trend Micro Apex One Security Agent TmSelfProtect Origin Validation Error Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obt...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Mar 3

ZDI-26-142: Trend Micro Apex One Security Agent Cache Mechanism Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obt...

T1548 T1068 1 IOC

Zero Day Initiative →

Zero Day Initiative CVE Trend Micro Mar 3

ZDI-26-141: Trend Micro Apex One Security Agent iCore Service Signature Verification Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One Security Agent. An attacker must first obt...

T1548 T1068 1 IOC

Zero Day Initiative →

Initial Access

T1566 Phishing T1566.001 Spearphishing Attachment T1566.002 Spearphishing Link T1190 Exploit Public-Facing Application T1133 External Remote Services T1078 Valid Accounts T1195 Supply Chain Compromise T1189 Drive-by Compromise

Execution

T1059 Command and Scripting Interpreter T1059.001 PowerShell T1203 Exploitation for Client Execution T1204 User Execution

Persistence

T1053 Scheduled Task/Job T1547 Boot or Logon Autostart Execution T1543 Create or Modify System Process

Privilege Escalation

T1548 Abuse Elevation Control Mechanism T1068 Exploitation for Privilege Escalation

Defense Evasion

T1027 Obfuscated Files or Information T1562 Impair Defenses T1070 Indicator Removal

Credential Access

T1110 Brute Force T1555 Credentials from Password Stores T1003 OS Credential Dumping T1557 Adversary-in-the-Middle T1556 Modify Authentication Process

Discovery

T1046 Network Service Discovery

Lateral Movement

T1021 Remote Services

Command and Control

T1071 Application Layer Protocol T1573 Encrypted Channel T1572 Protocol Tunneling

Exfiltration

T1041 Exfiltration Over C2 Channel T1567 Exfiltration Over Web Service

Impact

T1486 Data Encrypted for Impact T1489 Service Stop T1498 Network Denial of Service T1491 Defacement T1529 System Shutdown/Reboot

Resource Development

T1583 Acquire Infrastructure T1588 Obtain Capabilities

Reconnaissance

T1592 Gather Victim Host Information T1598 Phishing for Information