LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is Elevation of Privilege in STRIDE and what security property does it violate?

Gaining capabilities you weren't granted (e.g. user → admin) — it violates Authorization.

Elevation of Privilege (EoP):

Aspect Description
Property violated Authorization
Definition Gain capabilities without proper authorization
Examples User gaining admin rights, escaping a sandbox, remote code execution

Why it's critical: EoP often leads to complete system compromise. An attacker with elevated privileges can:

  • Access all data
  • Modify system configuration
  • Install persistent backdoors
  • Disable security controls

Mitigation:

  • Principle of least privilege
  • Input validation
  • Sandboxing
  • Regular patching

From Quiz: SPRG / SDL and Threat Modeling | Updated: Jul 14, 2026