πŸš€ Join our AI Wargame at Black Hat Asia and our Workshop + Wargame at NDC Sydney .

Privilege Escalation

Privilege Escalation occurs when an attacker gains elevated access to resources that are normally protected, beyond what they are originally authorised for. This can happen due to flaws in the application's authorisation (authorization), allowing users to perform actions or access data they shouldn't.

Remediation

  • Enforce Least Privilege: Ensure users have the minimum access necessary to perform their tasks.
  • Implement Robust Access Controls: Use role-based access control (RBAC) and ensure all endpoints enforce these controls consistently.
  • Verify User Permissions: Check server-side permissions for every request to confirm the user has appropriate rights.

Metadata

  • Severity: high
  • Slug: privilege-escalation

CWEs

  • 639: Authorization Bypass Through User-Controlled Key
  • 266: Incorrect Privilege Assignment

OWASP

  • A01:2021: Broken Access Control
  • A04:2021: Insecure Design
  • A07:2021: Identification and Authentication Failures

Available Labs

Select a language to explore available labs for this vulnerability.

Try it yourself

Find, Hack and Fix Your First Vulnerability

Reading about security bugs is one thing β€” fixing one is how the skill sticks. Play a free challenge from the wargame, no setup required.