pkexec

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit)

The Cybersecurity and Infrastructure Security Agency (CISA) has added eight vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include two Apple, Mitel, Google Chromium, and the RedHat “PwnKit” vulnerability (CVE-2021-4034) in Polkit’s pkexec tool.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include PwnKit) Read More »

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool

Researchers have discovered a “trivially exploitable” local privilege escalation vulnerability (CVE-2021-4034) in Polkit’s pkexec tool that affects likely every major Linux distribution.

PwnKit: “Trivially exploitable” vulnerability found in Linux Polkit’s pkexec tool Read More »