An attacker who normally has some privilege on the system is able to raise his privilege. This might enable a user who is normally able to login to a system to gain the same privileges as the superuser, or it might enable them to read files that they shouldn't be allowed access to.