Local Privilege Escalation (LPE) is a vulnerability that lets an attacker with low privileges on a system gain higher privileges, often root or administrator, without needing a remote entry point. The attacker already has some level of access, such as a shell, a user account, or code running inside a compromised process.
LPE matters because it turns limited access into full control. In real attacks, LPE bugs are often used after initial foothold to disable defenses, read protected data, install persistence, or move deeper into a network. Common causes include kernel memory corruption, weak file permission checks, insecure service configurations, and flawed setuid or driver code. Defenders reduce risk by patching quickly, removing unnecessary privileged components, enforcing least privilege, and monitoring for unusual privilege changes or escalation attempts.



