Safeguard
Tag

privilege-escalation

Safeguard articles tagged "privilege-escalation" — guides, analysis, and best practices for software supply chain and application security.

43 articles

Vulnerability Analysis

Linux AF_PACKET privilege escalation (CVE-2020-14386)

CVE-2020-14386 lets a local attacker with CAP_NET_RAW corrupt Linux kernel heap memory via AF_PACKET and escalate privileges. Here's the fix and impact.

Jan 8, 20268 min read
Vulnerability Analysis

sudo -e/sudoedit privilege escalation bypass (CVE-2019-14287)

CVE-2019-14287 let sudo users bypass "run as any user except root" rules via `sudo -u#-1`, gaining full root. Here's how it worked and how to fix it.

Jan 7, 20268 min read
Vulnerability Analysis

PwnKit polkit pkexec local privilege escalation (CVE-2021-4034)

PwnKit (CVE-2021-4034) is a 12-year-old polkit pkexec flaw giving any local user instant root on most Linux distros. Here's the full breakdown and fix.

Jan 7, 20267 min read
Vulnerability Analysis

Docker Engine remap-root UID mapping vulnerability (CVE-2021-21284)

CVE-2021-21284 let remapped-root containers escalate to real host root, defeating Docker's userns-remap isolation. Here's the full breakdown and fix.

Dec 15, 20256 min read
Vulnerability Analysis

Privilege escalation vulnerabilities explained

Privilege escalation vulnerabilities turn a low-privilege foothold into root or admin access. Learn how they work, key CVEs, and how to detect them.

Dec 9, 20256 min read
Vulnerability Analysis

Kubernetes RBAC misconfiguration explained

RBAC misconfigurations like wildcard rules and default service account bindings have powered real cluster takeovers, from CVE-2018-1002105 to Siloscape.

Dec 4, 20256 min read
Vulnerability Analysis

Cloud IAM privilege escalation paths explained

A breakdown of how cloud IAM privilege escalation paths work across AWS, GCP, and Azure, with real permission chains and breach examples.

Dec 3, 20257 min read
Vulnerability Analysis

Harbor Registry Privilege Escalation via Self-Registratio...

CVE-2019-16097 let attackers self-register as Harbor admins via a single API call. Here's the impact, affected versions, timeline, and how to remediate it.

Nov 22, 20257 min read
Cloud Security

AWS IAM policy misconfiguration vulnerability patterns

Wildcard policies, PassRole chains, and trust-policy gaps drive most AWS IAM breaches. Here's how these misconfiguration patterns actually get exploited.

Nov 4, 20257 min read
Cloud Security

GCP IAM privilege escalation paths explained

Attackers escalate GCP privilege using IAM actAs chains, default Editor service accounts, and Cloud Build tokens -- no exploit code required.

Nov 3, 20257 min read
Industry Analysis

Multi-Factor Authentication Bypass via Privilege Escalation

Attackers increasingly skip cracking MFA altogether — they escalate privileges around it. Real cases from Microsoft, Uber, and SolarWinds show how, and what actually stops it.

Nov 1, 20257 min read
Vulnerability Analysis

CVE-2021-22112: Improper authorization in Spring Security...

CVE-2021-22112 let Spring Security lose SecurityContext changes mid-request, an improper authorization flaw exposing OAuth2-secured apps to privilege escalation.

Sep 21, 20258 min read
privilege-escalation (Page 3) — Safeguard Blog