An attacker who does not normally have any privileges on the system is able to obtain privilege. The worst case is a remote root exploit which allows a remote attacker to obtain the same privileges as the root user or superuser. It is worth remembering that any remote exploit may give the attacker sufficient access to exploit a local exploit and raise his privilege that way.