Which attack is characterized by an insider gaining elevated access through misconfigurations?

Privilege escalation is an attack characterized by an insider gaining elevated access through misconfigurations. This type of attack occurs when a user or an insider exploits flaws or mistakes in a system’s configuration to gain higher-level permissions than they should have. Such misconfigurations can include improperly set user roles, inadequate security controls, or overlooked vulnerabilities that allow unauthorized users to access sensitive data or critical systems.

In this context, an insider may already have some level of access but leverages the environment's weaknesses to escalate their permissions, allowing them to perform actions beyond their authorized capabilities. This can lead to significant security breaches, as the insider can potentially manipulate or exfiltrate sensitive information that they would typically not have access to.

Other types of attacks, such as a Denial of Service, focus on overwhelming a system or network to render it unusable, while Man-in-the-Middle attacks involve intercepting communication between two parties. Data manipulation involves altering or corrupting data, which may not necessarily involve privileged access or misconfigurations. Therefore, privilege escalation specifically relates to gaining elevated access due to system vulnerabilities and misconfigurations.