![]() ![]() I like arthepsy’s best, because it’s self-contained and concise. There are a number of proof of concept exploits floating around. Remediating this issue should be on your TODO list, but things aren’t on fire here. However, as a general reminder, an attacker that has sufficient access to exploit this vulnerability is an attacker already in your system. This is an excellent finding and a useful exploit. While there are many such vulnerabilities published every year, this one is especially interesting because exploitation is trivial, the utility is ubiquitous, and the vulnerability has reportedly existed in the software all the way back to 2009. The vulnerability was disclosed on January 25, 2022.Įxploitation of the vulnerability allows a low privileged user to escalate to root. The vulnerability was discovered by Qualys and given the nickname of pwnkit. CVE-2021-4034 is a local privilege escalation vulnerability affecting the pkexec utility commonly found on Linux distributions. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |