Unauthorised privilege escalation happens when an adversary obtains a higher level of access (administrative privileges) in order to gain control of the network system.
Some of it can be mitigated, but BIOS and UEFI firmware, for example, are low-level software that starts before the operating system. Vulnerabilities in drivers can be, and have been, abused to achieve privilege escalation. From the kernel, an attacker can move to firmware and hardware interfaces, allowing them to compromise the target host beyond the detection capabilities of normal threat protection, which operates at the OS level. Malware and backdoors planted in such low-level components are invisible to most security solutions and cannot be removed by reinstalling the OS.
Do not give sudo rights to compilers, interpreters or editors, including gdb. Do not give sudo rights to any program that enables running a shell. Severely limit sudo access using the least-privilege principle.
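
An added example, not code from the original page: a small Python audit that flags sudoers grants for the program classes named above. The denylist contents, the sample sudoers text and the names `classify` and `audit` are assumptions made for illustration, and the parser covers only plain user specifications and `Cmnd_Alias` lines.

```python
import os
import re

# Assumption: small, non-exhaustive denylist built for this example.
RISKY = {
    "compiler": {"gcc", "cc", "g++", "clang"},
    "interpreter": {"python", "perl", "ruby", "node", "php"},
    "editor": {"vi", "vim", "nano", "emacs", "ed"},
    "debugger": {"gdb"},
    "shell-capable": {"sh", "bash", "dash", "zsh", "less", "more", "find", "env"},
    "unrestricted": {"ALL"},
}
TAG = re.compile(r"^(?:[A-Z_]+:\s*)+")   # NOPASSWD:, SETENV:, ...
RUNAS = re.compile(r"\([^)]*\)\s*")      # (root), (ALL : ALL)

def classify(cmd):  # risk category for one sudoers command, or None
    # Strip a trailing version suffix so python3.11 is matched as python.
    name = re.sub(r"[-\d.]+$", "", os.path.basename(cmd.split()[0]))
    return next((c for c, names in RISKY.items() if name in names), None)

def audit(text):  # returns (user, command, category) for every risky grant
    aliases, rules, findings = {}, [], []
    for line in text.replace("\\\n", " ").splitlines():  # join continuations
        line = line.split("#", 1)[0].strip()
        if "=" not in line or line.startswith("Defaults"):
            continue
        left, right = line.split("=", 1)
        cmds = [c.strip() for c in RUNAS.sub("", right).split(",")]
        kind, *rest = left.split()
        if kind == "Cmnd_Alias":
            aliases[rest[0]] = cmds
        elif not kind.endswith("_Alias"):
            rules.append((kind, cmds))
    for who, queue in rules:
        while queue:
            cmd = TAG.sub("", queue.pop(0))
            if cmd in aliases:                 # expand Cmnd_Alias in place
                queue = aliases[cmd] + queue
            elif cmd and not cmd.startswith("!") and classify(cmd):
                findings.append((who, cmd, classify(cmd)))
    return findings

SAMPLE = r"""# constructed sample, not from a real host
Cmnd_Alias TOOLS = /usr/bin/gdb, /usr/bin/python3.11
alice ALL = (root) NOPASSWD: /usr/bin/vim /etc/hosts, \
    /usr/bin/systemctl restart nginx
bob   ALL = (root, operator) TOOLS, /usr/bin/less /var/log/syslog
carol ALL = (ALL : ALL) ALL
"""

print(*audit(SAMPLE), sep="\n")
```

A rule that this audit does not flag is not thereby safe: the denylist is only a starting point, and each remaining grant still needs review against the least-privilege principle.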