SAINT CorporationSAINT:0BAAF4A65DB7FA2C026FDB0EB653CD13Polkit pkexec privilege elevation
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0005 Low
EPSS
Percentile
15.6%
Added: 01/27/2022
CVE: CVE-2021-4034
Background
Polkit is a Linux package for handling policies that allow unprivileged processes to communicate with privileged processes. It includes a tool called **pkexec** that allows the user to execute commands as another user according to the polkit policy.
Problem
A privilege elevation vulnerability in **pkexec** allows local unprivileged users to execute arbitrary commands with root privileges.
Resolution
Upgrade to Polkit 0.121 or higher when available, or apply a fix from your Linux vendor.
References
<https://access.redhat.com/security/cve/CVE-2021-4034>
<https://gitlab.freedesktop.org/polkit/polkit/-/issues/166>
Limitations
Exploit requires an existing unprivileged shell connection to the target.
Platforms
Linux
Related
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0005 Low
EPSS
Percentile
15.6%