# privilege-escalation
12 articles tagged with “privilege-escalation”
- **Permission Boundary Bypass** — Escalating from limited to elevated permissions in AI agent systems through scope creep, implicit permission inheritance, and capability confusion.
- **File System Agent Risks** — Security risks of AI agents with file system access, including path traversal exploitation, symlink attacks, file content injection, data exfiltration through file operations, and privilege escalation via file system manipulation.
- **AI Agent Exploitation** — Methodology for exploiting AI agent architectures through confused deputy attacks, goal hijacking, privilege escalation, and sandbox escape.
- **A2A Delegation Chain Exploitation** — Exploiting task delegation chains in multi-agent systems to achieve privilege escalation and unauthorized actions.
- **Hierarchical Agent Attacks** — Techniques for exploiting hierarchical agent systems where manager agents delegate to worker agents, including delegation manipulation, supervisor evasion, worker exploitation, and authority chain attacks.
- **AWS IAM for AI Services** — IAM exploitation patterns for AWS AI services: overprivileged roles, cross-account model access, service-linked roles, resource policies for Bedrock and SageMaker, and privilege escalation through AI-specific IAM actions.
- **GCP IAM for AI Services** — IAM exploitation patterns for GCP AI services: service account exploitation, Workload Identity abuse, VPC Service Controls for AI, and privilege escalation through Vertex AI permissions.
- **Authentication & Session Attacks** — Methodology for bypassing authentication, extracting API keys, manipulating session state, exploiting cross-session data leakage, and escalating privileges in LLM-powered applications.
- **Lab: Agent Permission Escalation** — Hands-on lab for tricking AI agents into performing actions beyond their intended scope through privilege escalation techniques.
- **Simulation: Autonomous AI Agent Red Team** — Red team engagement simulation targeting an autonomous AI agent with tool access, file system permissions, and internet connectivity. Tests for privilege escalation, unauthorized actions, and goal hijacking.
- **Instruction Hierarchy Bypass** — Advanced techniques to bypass instruction priority and hierarchy enforcement in language models, exploiting conflicts between system, user, and assistant-level directives.
- **Role Escalation Chain** — Progressive role escalation techniques that gradually transform an LLM from a constrained assistant into an unrestricted entity across multiple conversation turns.