← Back to Explore
T1548.004
Elevated Execution with Prompt
Adversaries may leverage the <code>AuthorizationExecuteWithPrivileges</code> API to escalate privileges by prompting the user for credentials.(Citation: AppleDocs AuthorizationExecuteWithPrivileges) The purpose of this API is to give application developers an easy way to perform operations with root privileges, such as for application installation or updating. This API does not validate that the program requesting root privileges comes from a reputable source or has been maliciously modified. ...
macOS
2
Detections
1
Sources
0
Threat Actors
BY SOURCE
2elastic
PROCEDURES (1)
Script Execution Monitoring2 detections
Auto-extracted: 2 detections for script execution monitoring