Enum: AttackEffectivePermissionsEnum (DEPRECATED)
DEPRECATED in ATT&CK Specification v3.3.0. Will be removed in v4.0.0. Closed enumeration of the effective Windows or Unix permission levels that an adversary achieves after successfully exploiting a technique. Only four values are recognized.
URI: attack:AttackEffectivePermissionsEnum
Permissible Values
| Value | Meaning | Description |
|---|---|---|
| Administrator | None | Windows Administrator-level permissions (local or domain admin) |
| SYSTEM | None | Windows SYSTEM account privileges — highest built-in Windows privilege level |
| User | None | Standard unprivileged user-level permissions |
| root | None | Unix/Linux root (superuser) privileges |
Slots
| Name | Description |
|---|---|
| x_mitre_effective_permissions | DEPRECATED in ATT&CK Specification v3 |
In Subsets
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/attack
LinkML Source
name: AttackEffectivePermissionsEnum
description: DEPRECATED in ATT&CK Specification v3.3.0. Will be removed in v4.0.0.
Closed enumeration of the effective Windows or Unix permission levels that an adversary
achieves after successfully exploiting a technique. Only four values are recognized.
deprecated: Deprecated in ATT&CK Specification v3.3.0; will be removed in v4.0.0.
in_subset:
- deprecated
from_schema: https://w3id.org/lmodel/attack
rank: 1000
permissible_values:
Administrator:
text: Administrator
description: Windows Administrator-level permissions (local or domain admin).
SYSTEM:
text: SYSTEM
description: Windows SYSTEM account privileges — highest built-in Windows privilege
level.
User:
text: User
description: Standard unprivileged user-level permissions.
root:
text: root
description: Unix/Linux root (superuser) privileges.