#privilege-escalation
8 articles
News3
ConnectWise ScreenConnect Hit by Critical Signature Bypass
ConnectWise warns customers of a cryptographic signature verification flaw in ScreenConnect that enables unauthorized access and privilege escalation attacks.
CVE-2026-3888: Ubuntu Desktop Privilege Escalation Flaw
A high-severity vulnerability in Ubuntu Desktop 24.04+ allows unprivileged attackers to gain root access through privilege escalation.
CrackArmor Flaws Let Attackers Bypass Linux Kernel Security
Nine vulnerabilities in Linux AppArmor module allow unprivileged users to escalate privileges and break container isolation.
Windows Events5
Windows Event ID 6276 – Microsoft-Windows-Security-Auditing: Special Privileges Assigned to New Logon
Event ID 6276 records when special privileges are assigned to a user account during logon, indicating elevated access rights have been granted for the session.
Windows Event ID 4976 – Microsoft-Windows-Security-Auditing: Special Logon
Event ID 4976 records when a user account is granted special privileges during logon, typically for service accounts or administrative access requiring elevated permissions.
Windows Event ID 4876 – Security: Special Privileges Assigned to New Logon
Event ID 4876 records when special privileges are assigned to a new user logon session, indicating elevated access rights have been granted during authentication.
Windows Event ID 4717 – Microsoft-Windows-Security-Auditing: System Security Access Was Granted
Event ID 4717 logs when a user or process is granted system security access privileges, typically involving sensitive security operations like backup, restore, or system-level access rights.
Windows Event ID 4673 – Security: Sensitive Privilege Use
Event ID 4673 logs when a user or process attempts to use a sensitive privilege on Windows systems. This security audit event helps track privileged operations and potential security risks.