Privilege Escalation - ATLAS Tactic

Record summary

A quick snapshot of what this page covers.

Techniques4Attack methods in this attacker goal.

ATT&CKTA0004Related cybersecurity reference, if available.

DatasetATLASMain public source for this page.

Tactic overview

What attackers may be trying to achieve.

The adversary is trying to gain higher-level permissions.

Privilege Escalation consists of techniques that adversaries use to gain higher-level permissions on a system or network. Adversaries can often enter and explore a network with unprivileged access but require elevated permissions to follow through on their objectives. Common approaches are to take advantage of system weaknesses, misconfigurations, and vulnerabilities. Examples of elevated access include:

SYSTEM/root level
local administrator
user account with admin-like access
user accounts with access to specific system or perform specific function

These techniques often overlap with Persistence techniques, as OS features that let an adversary persist can execute in an elevated context.

ATLAS ID: AML.TA0012
ATT&CK external ID: TA0004
Technique count: 4

Technique coverage

Attack methods grouped under this attacker goal.

Source

Where this page information comes from.

Original source

Original source links

Open the public records and source datasets used for this page.

Repositoryhttps://github.com/mitre-atlas/atlas-data ATLAS.yamlhttps://github.com/mitre-atlas/atlas-data/blob/main/dist/ATLAS.yaml Schemahttps://github.com/mitre-atlas/atlas-data/blob/main/dist/schemas/atlas_output_schema.json MITRE ATT&CK mappinghttps://attack.mitre.org/tactics/TA0004/

Privilege Escalation - ATLAS Tactic

Record summary

Tactic overview

Technique coverage

AML.T0053 - AI Agent Tool Invocation

AML.T0105 - Escape to Host

AML.T0054 - LLM Jailbreak

AML.T0012 - Valid Accounts

Source

Original source links