Standardlikelihood: Highseverity: Very HighDraft

CAPEC-69Target Programs with Elevated Privileges

Abstraction
Standard
Status
Draft
Likelihood
High
Severity
Very High

Description

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges. Metadata: standard CAPEC pattern, status draft, likelihood high, severity very high. Underlying weaknesses: CWE-250, CWE-15. Related CAPEC patterns: [object Object], [object Object], [object Object], [object Object] (and 1 more).

Related weaknesses· 2

CWE-250CWE-15

Related attack patterns· 5

CAPEC-233 (ChildOf)CAPEC-8 (CanPrecede)CAPEC-9 (CanPrecede)CAPEC-10 (CanPrecede)CAPEC-67 (CanPrecede)

Exploits2

TypeTargetConfidenceTier
WeaknessExternal Control of System or Configuration Settingcwe-15100%live
WeaknessExecution with Unnecessary Privilegescwe-250100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CAPEC
Privilege Escalation
CAPEC
Hijacking a privileged process
CAPEC
Exploitation of Improperly Configured or Implemented Memory Protections
CAPEC
Privilege Abuse
CAPEC
Buffer Overflow in Local Command-Line Utilities
CAPEC
Hijacking a Privileged Thread of Execution
Sourced from MITRE CAPEC. Curated by Adam Lundqvist, SQUR.