risks / Privilege escalation

Description

Allows an attacker to either access an account with more sensitive privileges (e.g. an admin-specific account), or add these privileges to an account under the attacker's control.

Risk: CRITICAL

Exploited in isolation, this risk has the potential to disrupt central organizational operations, destroy trust, or create significant liability. Alternatively, this risk gives attackers access to broadly provisioned identities that enable the impacts above (as root privilege escalation risks do).

Mitigations

  1. Avoid use of admin or root accounts
  2. Securely store admin and root account credentials
  3. Scan for insecurely stored account credentials
  4. Use ephemeral entitlement grants for sensitive operations
  5. Apply permission boundaries to identity entitlements
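The following is an added illustration of mitigation 5 (permission boundaries); it is example code written for this page, not code from P0 Security or the IAM Privilege Catalog. It models, in deliberately simplified form, how a permissions boundary restricts an identity's effective permissions: an action is allowed only if both the identity policy and the boundary allow it, and an explicit Deny in either wins. The `DEVELOPER_POLICY` and `BOUNDARY` documents, the action names chosen for the escalation report, and the evaluator itself are constructed assumptions; the real AWS evaluator also considers resources, condition keys, resource-based policies and SCPs, which this model omits.

```python
from fnmatch import fnmatchcase
from typing import Dict, List, Optional

# Simplified, constructed model of identity-policy + permissions-boundary
# evaluation. Policy documents use the {"Statement": [{"Effect", "Action"}]}
# shape; resources and conditions are ignored (assumption for this example).
Policy = Dict[str, List[Dict[str, object]]]

# Constructed sample: an over-broad identity policy of the kind that enables
# privilege escalation (it allows every IAM action, including attaching
# AdministratorAccess to oneself).
DEVELOPER_POLICY: Policy = {
    "Statement": [{"Effect": "Allow", "Action": "*"}]
}

# Constructed sample boundary: caps the identity to S3, read-only EC2 and
# read-only IAM, and explicitly denies removing or changing the boundary
# itself so the cap cannot be lifted by the bounded identity.
BOUNDARY: Policy = {
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:*", "ec2:Describe*", "iam:Get*", "iam:List*"]},
        {"Effect": "Deny", "Action": ["iam:DeleteUserPermissionsBoundary",
                                      "iam:PutUserPermissionsBoundary"]},
    ]
}

# Actions that grant or extend privileges; used only for the report below.
ESCALATION_ACTIONS = [
    "iam:AttachUserPolicy",
    "iam:PutUserPolicy",
    "iam:CreateAccessKey",
    "iam:UpdateAssumeRolePolicy",
    "iam:DeleteUserPermissionsBoundary",
]


def _statement_actions(stmt: Dict[str, object]) -> List[str]:
    actions = stmt["Action"]
    return [actions] if isinstance(actions, str) else list(actions)  # type: ignore[arg-type]


def decision(policy: Policy, action: str) -> str:
    """Evaluate one policy document for one action.

    Returns "Deny" (explicit deny matched), "Allow" (an allow matched and no
    deny did) or "Implicit" (nothing matched, i.e. implicit deny).
    Action patterns use IAM-style '*' wildcards, matched case-sensitively.
    """
    result = "Implicit"
    for stmt in policy["Statement"]:
        if any(fnmatchcase(action, pattern) for pattern in _statement_actions(stmt)):
            if stmt["Effect"] == "Deny":
                return "Deny"  # explicit deny always wins
            result = "Allow"
    return result


def is_allowed(identity_policy: Policy, boundary: Optional[Policy], action: str) -> bool:
    """Effective permission: identity policy AND boundary must both allow.

    A boundary of None means no boundary is attached, so the identity policy
    alone decides (this is what makes the over-broad policy dangerous).
    """
    ident = decision(identity_policy, action)
    if ident != "Allow":
        return False
    if boundary is None:
        return True
    return decision(boundary, action) == "Allow"


def escalation_report(identity_policy: Policy, boundary: Optional[Policy]) -> List[str]:
    """Return the escalation-relevant actions the identity can still perform."""
    return [a for a in ESCALATION_ACTIONS if is_allowed(identity_policy, boundary, a)]


if __name__ == "__main__":
    print("Without boundary:", escalation_report(DEVELOPER_POLICY, None))
    print("With boundary:   ", escalation_report(DEVELOPER_POLICY, BOUNDARY))
```

Running the block shows the same identity policy yielding every escalation action without a boundary and none with it, while ordinary work (`s3:GetObject`, `ec2:DescribeInstances`) is still permitted. The explicit Deny on the boundary-management actions is the detail a reviewer should check for in real boundary policies: without it, an identity that can call `iam:DeleteUserPermissionsBoundary` on itself can remove the cap.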

Links

  1. https://attack.mitre.org/techniques/T1078/
  2. https://attack.mitre.org/techniques/T1098/
  3. https://attack.mitre.org/techniques/T1552/

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Amazon Web Services

Google Cloud Platform

Kubernetes

Google Workspace

© 2023–present P0 Security and contributors to the IAM Privilege Catalog