Privilege Escalation

Privilege escalation includes techniques that allow an attacker to obtain a higher level of permissions on the mobile device. Attackers may enter the mobile device with very limited privileges and may be required to take advantage of a device weakness to obtain higher privileges necessary to successfully carry out their mission objectives.
ID: TA0029

Techniques

Techniques: 2
IDNameDescription
T1404Exploit OS Vulnerability

A malicious app can exploit unpatched vulnerabilities in the operating system to obtain escalated privileges.

T1405Exploit TEE Vulnerability

A malicious app or other attack vector could be used to exploit vulnerabilities in code running within the Trusted Execution Environment (TEE) . The adversary could then obtain privileges held by the TEE potentially including the ability to access cryptographic keys or other sensitive data . Escalated operating system privileges may be first required in order to have the ability to attack the TEE . If not, privileges within the TEE can potentially be used to exploit the operating system .