Privilege Escalation Vulnerability: What is it and how to stay protected from it?
- A privilege escalation vulnerability could allow an attacker to take advantage of programming errors or design flaws and gain elevated access to the network.
- PE vulnerabilities could allow an attacker to gain unauthorized access to organizations’ IT network and carry out various malicious operations.
A privilege escalation vulnerability could allow an attacker to take advantage of programming errors or design flaws and gain elevated access to the network and its associated data and applications. It is very easy for an attacker to escalate privileges from low-level to high-level privileges because most organizations lack adequate security measures and controls.
PE vulnerabilities could allow an attacker to gain unauthorized access to organizations’ IT network and carry out various malicious operations such as stealing sensitive data, disrupting operations, and creating backdoors for future attacks.
Types of Privilege Escalation
There are two types of privilege escalation: vertical and horizontal.
Vertical privilege escalation requires an attacker to gain elevated access from low-level to high-level privileges. In vertical privilege escalation, an attacker initially gains access to a lower-level account and uses this privilege to gain higher-level access. For instance, an attacker might compromise a user’s bank account and then leverage the user account credentials to gain elevated access to the administrator account.
Horizontal privilege escalation requires an attacker to use the same level of privileges that he gained previously, without elevating them. In horizontal privilege escalation, the attacker does not actively attempt to escalate the privileges associated with the compromised account.
How does a Privilege Escalation attack work?
- Attackers will first look for vulnerabilities and then exploit them.
- Once exploited, attackers will gain access to the compromised system.
- They will then gain additional privileges by elevating from low-level privileges to a higher level.
Examples of Privilege Escalation Vulnerability Attack
Example 1 - Microsoft Exchange Vulnerability
Researchers observed that Microsoft Exchange 2013 and newer versions are vulnerable to a privilege escalation attack. They noted that Microsoft Exchange is vulnerable to a zero-day which could allow attackers with a mailbox to gain Domain Controller admin privileges using a simple Python tool.
Researchers noted that this zero-day is not a single issue but a combination of three security issues that could allow attackers to elevate access from a hacked email account to the admin account of the Domain Controller.
Example 2 - Dirty Sock Vulnerability in Ubuntu OS
On 25 January 2019, Chris Moberly, a security researcher for Shenanigans Labs, reported a vulnerability that impacted the Ubuntu operating system. The researcher named the vulnerability ‘Dirty Sock’ and noted that this bug is a local privilege escalation vulnerability which could allow attackers to gain root-level access to the system.
Moberly noted that the actual vulnerability does not exist in the Ubuntu OS itself, but in Snapd, which is included in all recent Ubuntu versions, and in some other Linux distros by default.
How to prevent privilege escalation attacks?
- In order to prevent privilege escalation attacks, it is recommended to regularly rotate passwords of administrative accounts.
- It is best to ensure that local administrator accounts have strong, complex, and unique passwords across all systems.
- It is essential to monitor and track the permission levels of each user in order to protect the network against privilege escalation attacks.
- It is recommended to install a security system for monitoring the network and user activity so that it can detect suspicious actions and block them.
- It is highly recommended to install a secure antivirus program and ensure all systems are updated.
- It is suggested to exercise caution while authorizing privileges and access rights to users. For instance, it is not essential for a user who is assigned to create backups to have the right to install software.
- The best way to protect a computer from privilege escalation vulnerability is to fix the loopholes and the security flaws that allow an attacker to gain access.
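The recommendations above to track each user's permission level and to grant only the rights a job needs can be checked automatically. The following is an added example, not part of the original article: it compares granted rights against a per-role baseline and reports rights that appeared between two snapshots. The role names, right names, users and snapshots are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumed baseline: the rights each job role actually needs (hypothetical names).
ROLE_BASELINE = {
    "backup_operator": {"read_files", "create_backup"},
    "helpdesk": {"reset_password"},
    "sysadmin": {"read_files", "create_backup", "install_software", "manage_users"},
}
# Constructed snapshots of user -> (role, granted rights), taken on two days.
SNAPSHOT_MON = {
    "alice": ("backup_operator", {"read_files", "create_backup"}),
    "bob": ("helpdesk", {"reset_password"}),
    "carol": ("sysadmin", set(ROLE_BASELINE["sysadmin"])),
}
SNAPSHOT_TUE = {
    "alice": ("backup_operator", {"read_files", "create_backup", "install_software"}),
    "bob": ("helpdesk", {"reset_password", "manage_users"}),
    "carol": ("sysadmin", set(ROLE_BASELINE["sysadmin"])),
    "dave": ("contractor", {"read_files"}),  # role missing from the baseline
}

@dataclass(frozen=True)
class Finding:
    user: str
    kind: str  # "excess", "unknown_role" or "gained"
    rights: frozenset

def excess_rights(snapshot, baseline=ROLE_BASELINE):
    """Flag rights held beyond the role baseline; unknown roles are flagged whole."""
    findings = []
    for user, (role, granted) in sorted(snapshot.items()):
        if role not in baseline:
            findings.append(Finding(user, "unknown_role", frozenset(granted)))
        elif granted - baseline[role]:
            findings.append(Finding(user, "excess", frozenset(granted - baseline[role])))
    return findings

def gained_rights(before, after):
    """Flag rights that appeared between two snapshots (new accounts count in full)."""
    findings = []
    for user, (_role, granted) in sorted(after.items()):
        new = granted - before.get(user, (None, set()))[1]
        if new:
            findings.append(Finding(user, "gained", frozenset(new)))
    return findings

if __name__ == "__main__":
    for f in excess_rights(SNAPSHOT_TUE) + gained_rights(SNAPSHOT_MON, SNAPSHOT_TUE):
        print(f"{f.user}: {f.kind} -> {sorted(f.rights)}")
```

In practice the snapshots would come from a directory or identity-provider export, and a finding such as the backup operator who gained the right to install software would go to review.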