LIVE NEWSROOM · --:-- · May 25, 2026
A LIBRARY FOR SECURITY RESEARCHERS

MITRE ATT&CK  /  T1078.003

T1078.003

Local Accounts

SUB-TECHNIQUE Stealth Persistence Privilege Escalation Initial Access

Description

Adversaries may obtain and abuse credentials of a local account as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion. Local accounts are those configured by an organization for use by users, remote support, services, or for administration on a single system or service.Local Accounts may also be abused to elevate privileges and harvest credentials through [OS Credential Dumping](https://attack.mitre.org/techniques/T1003). Password reuse may allow the abuse of local accounts across a set of machines on a network for the purposes of Privilege Escalation and Lateral Movement.

Platforms

ContainersESXiLinuxmacOSNetwork DevicesWindows

Mitigations

  • M1026 — Privileged Account Management
  • M1032 — Multi-factor Authentication
  • M1027 — Password Policies
  • M1018 — User Account Management
Look up any technique

Use our free MITRE ATT&CK lookup tool, or browse the full ATT&CK matrix.

Our coverage

Source: MITRE ATT&CK Enterprise matrix. View on attack.mitre.org →

Scroll to Top