Standardseverity: MediumDraft

CAPEC-234Hijacking a privileged process

Abstraction
Standard
Status
Draft
Severity
Medium

Description

An adversary gains control of a process that is assigned elevated privileges in order to execute arbitrary code with those privileges. Some processes are assigned elevated privileges on an operating system, usually through association with a particular user, group, or role. If an attacker can hijack this process, they will be able to assume its level of privilege in order to execute their own code.

Related weaknesses· 2

CWE-732CWE-648

Related attack patterns· 4

CAPEC-233 (ChildOf)CAPEC-242 (CanFollow)CAPEC-175 (CanFollow)CAPEC-100 (CanFollow)

Exploits2

TypeTargetConfidenceTier
WeaknessIncorrect Use of Privileged APIscwe-648100%live
WeaknessIncorrect Permission Assignment for Critical Resourcecwe-732100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Hijacking a Privileged Thread of Execution
CAPEC
Privilege Abuse
CAPEC
Privilege Escalation
CAPEC
Target Programs with Elevated Privileges
CAPEC
Inclusion of Code in Existing Process
CAPEC
Escaping Virtualization
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.