privilege-escalation
Safeguard articles tagged "privilege-escalation" — guides, analysis, and best practices for software supply chain and application security.
43 articles
Linux AF_PACKET privilege escalation (CVE-2020-14386)
CVE-2020-14386 lets a local attacker with CAP_NET_RAW corrupt Linux kernel heap memory via AF_PACKET and escalate privileges. Here's the fix and impact.
sudo -e/sudoedit privilege escalation bypass (CVE-2019-14287)
CVE-2019-14287 let sudo users bypass "run as any user except root" rules via `sudo -u#-1`, gaining full root. Here's how it worked and how to fix it.
PwnKit polkit pkexec local privilege escalation (CVE-2021-4034)
PwnKit (CVE-2021-4034) is a 12-year-old polkit pkexec flaw giving any local user instant root on most Linux distros. Here's the full breakdown and fix.
Docker Engine remap-root UID mapping vulnerability (CVE-2021-21284)
CVE-2021-21284 let remapped-root containers escalate to real host root, defeating Docker's userns-remap isolation. Here's the full breakdown and fix.
Privilege escalation vulnerabilities explained
Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.
Kubernetes RBAC misconfiguration explained
RBAC misconfigurations like wildcard rules and default service account bindings have powered real cluster takeovers, from CVE-2018-1002105 to Siloscape.
Cloud IAM privilege escalation paths explained
A breakdown of how cloud IAM privilege escalation paths work across AWS, GCP, and Azure, with real permission chains and breach examples.
Harbor Registry Privilege Escalation via Self-Registratio...
CVE-2019-16097 let attackers self-register as Harbor admins via a single API call. Here's the impact, affected versions, timeline, and how to remediate it.
AWS IAM policy misconfiguration vulnerability patterns
Wildcard policies, PassRole chains, and trust-policy gaps drive most AWS IAM breaches. Here's how these misconfiguration patterns actually get exploited.
GCP IAM privilege escalation paths explained
Attackers escalate GCP privilege using IAM actAs chains, default Editor service accounts, and Cloud Build tokens -- no exploit code required.
Multi-Factor Authentication Bypass via Privilege Escalation
Attackers increasingly skip cracking MFA altogether — they escalate privileges around it. Real cases from Microsoft, Uber, and SolarWinds show how, and what actually stops it.
CVE-2021-22112: Improper authorization in Spring Security...
CVE-2021-22112 let Spring Security lose SecurityContext changes mid-request, an improper authorization flaw exposing OAuth2-secured apps to privilege escalation.