A 4B-parameter model trained on Linux privilege escalation now solves 93.3% of benchmark scenarios within 20 interaction rounds, trailing only a leading frontier model.
Researchers developed a two-stage post-training method to turn a small, locally run language model into a functional security agent. The first stage was supervised fine-tuning on traces from synthetic privilege-escalation environments, which alone doubled the baseline success rate. The second stage applied reinforcement learning with verifiable rewards. Privilege escalation has a clean binary outcome, which makes it well-suited to this approach. The resulting model, PrivEsc-LLM 4B, was tested on a held-out benchmark of 12 Linux privilege-escalation scenarios and beat every system tested except one leading frontier model, while cutting inference cost per successful escalation by more than 80x.
Security teams handling sensitive infrastructure often cannot send data through cloud APIs. Legal requirements, breach risk, or internal policy rule it out. A model small enough to run on-premises that matches cloud-scale performance on a real attack task changes the practical options for teams building in-house security tooling.
The benchmark covers only 12 scenarios of one task type. Privilege escalation is among the more automatable corners of offensive security work, and tasks requiring creative vulnerability discovery or novel exploit chains remain well beyond what a 4B model can do.