Skip to content
cloud-security

Privilege Escalation (Cloud)

Cloud Privilege Escalation

Definition

Cloud privilege escalation refers to techniques where an attacker with limited cloud permissions gains higher privileges by exploiting misconfigurations in IAM policies, resource-based policies, or trust relationships. Common paths include using `iam:CreatePolicyVersion` to replace an existing policy, assuming a more privileged role via `sts:AssumeRole`, or exploiting `lambda:UpdateFunctionCode` to modify a Lambda function's execution role.

CIEM tools model these privilege escalation paths to proactively identify and remediate high-risk permission combinations.

Related Terms

CIEM
Cloud Infrastructure Entitlement Management
IAM Roles
Cloud IAM Roles
Permission Boundaries
IAM Permission Boundaries
← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product