Unauthorised privilege escalation happens when an adversary obtains a higher level of access (administrative privileges) in order to gain control of the network system.
Some of it can be mitigated, but BIOS and UEFI firmware, for example, are low-level software that starts before the operating system. Vulnerabilities in drivers can be, and have been, abused to achieve privilege escalation. From the kernel, an attacker can move to firmware and hardware interfaces, allowing them to compromise the target host beyond the detection capabilities of normal threat protection, which operates at the OS level. Malware and backdoors planted in such low-level components are invisible to most security solutions and cannot be removed by reinstalling the OS.
Do not give sudo rights to compilers, interpreters or editors, including vi, more, less, nmap, perl, ruby, python, and gdb. Do not give sudo rights to any program that enables running a shell. Severely limit sudo access using the least-privilege principle.
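
One way to check an existing sudoers policy against this advice, as an added example that is not part of the original page: the script flags rules that grant the programs listed above, including grants hidden behind a Cmnd_Alias or a bare ALL. The sample policy is constructed, the shell names in RISKY are an assumption, and the parser covers only the common rule syntax, not the full sudoers grammar.

```python
import re

# Programs named on the page, plus common shells (the shell names are an assumption).
RISKY = {"vi", "more", "less", "nmap", "perl", "ruby", "python", "gdb",
         "sh", "bash", "dash", "zsh", "ksh"}
NOT_RULES = ("#", "Defaults", "User_Alias", "Host_Alias", "Runas_Alias")

SAMPLE = r"""# constructed sample, not taken from a real host
Defaults env_keep += "LANG"
Cmnd_Alias DEBUG = /usr/bin/gdb, /usr/bin/strace
Cmnd_Alias WEB = /usr/bin/systemctl restart nginx
alice  ALL = (root) NOPASSWD: /usr/bin/python3, \
                    /usr/bin/less /var/log/syslog
bob    ALL = (ALL) WEB, DEBUG
carol  ALL = (ALL) ALL, !/bin/bash
"""

def commands(rhs):
    """Split the text after '=' into commands, dropping (runas) specs and TAG: prefixes."""
    rhs = re.sub(r"\([^)]*\)|\b[A-Z_]+:", "", rhs)
    return [c.strip() for c in rhs.split(",") if c.strip()]

def audit_sudoers(text):
    """Return (principal, command, reason) for each grant of a risky program."""
    lines = [l.strip() for l in text.replace("\\\n", " ").splitlines()]
    rules = [l for l in lines if "=" in l and not l.startswith(NOT_RULES)]
    aliases = {}
    for l in rules:                          # pass 1: collect Cmnd_Alias definitions
        if l.startswith("Cmnd_Alias"):
            name, rhs = l[len("Cmnd_Alias"):].split("=", 1)
            aliases[name.strip()] = commands(rhs)
    findings = []
    for l in (r for r in rules if not r.startswith("Cmnd_Alias")):
        lhs, rhs = l.split("=", 1)           # pass 2: user specifications
        who, todo, seen = lhs.split()[0], commands(rhs), set()
        while todo:
            cmd = todo.pop(0)
            if cmd.startswith("!") or cmd in seen:   # a negated entry grants nothing
                continue
            if cmd in aliases:               # expand each alias once per rule
                seen.add(cmd)
                todo = aliases[cmd] + todo
                continue
            prog = re.sub(r"[\d.]+$", "", cmd.split()[0].rsplit("/", 1)[-1])  # python3.11 -> python
            if cmd == "ALL" or prog in RISKY:
                findings.append((who, cmd, "unrestricted" if cmd == "ALL" else prog))
    return findings

if __name__ == "__main__": print(*audit_sudoers(SAMPLE), sep="\n")
```

On a real host, feed it the contents of /etc/sudoers and each file under /etc/sudoers.d, since include directives are not followed.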