| ID | Name |
|---|---|
| ATAGS-T1078.001 | Bypass User Account Control |
| ATAGS-T1078.002 | Elevated Execution with Prompt |
| ATAGS-T1078.003 | Setuid and Setgid |
| ATAGS-T1078.004 | Sudo and Sudo Caching |
| ATAGS-T1078.005 | TCC Manipulation |
| ATAGS-T1078.006 | Temporary Elevated Cloud Access |
Threat Actors may perform sudo caching and/or use the sudoers file to elevate privileges. Threat Actors may do this to execute commands as other users or spawn processes with higher privileges.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.