| ID | Name |
|---|---|
| ATAGS-T1078.001 | Bypass User Account Control |
| ATAGS-T1078.002 | Elevated Execution with Prompt |
| ATAGS-T1078.003 | Setuid and Setgid |
| ATAGS-T1078.004 | Sudo and Sudo Caching |
| ATAGS-T1078.005 | TCC Manipulation |
| ATAGS-T1078.006 | Temporary Elevated Cloud Access |
Threat Actors may abuse permission configurations that allow them to gain temporarily elevated access to cloud resources. Many cloud environments allow administrators to grant user or service accounts permission to request just-in-time access to roles, impersonate other accounts, pass roles onto resources and services, or otherwise gain short-term access to a set of privileges that may be distinct from their own.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.