CISA Warns of Active Exploitation of ‘PwnKit’ Linux Vulnerability in the Wild

28

Jun

2022

CISA Warns of Active Exploitation of ‘PwnKit’ Linux Vulnerability in the Wild

image credit: pixabay

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.

The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), came to light in January 2022 and concerns a case of local privilege escalation in polkit’s pkexec utility, which allows an authorized user to execute commands as another user.

Archives

Archives

About Us

Our mission is to help users and also IT security passionate to reach relevant information related to cyber security.

This publication contains a lot of information and guidance on how to better protect your IT systems, data and activities from malicious factors, and also on how to safely navigate the Internet.

We look forward to hearing from you about cyber safety. Please let us know if there’s something specific you’re interested in learning about.

Contact Us

Name *
Your name is required

E-mail *
Email address entered is invalid

Please enter a message

Incorrect security code

The Latest in IT Security

CISA Warns of Active Exploitation of ‘PwnKit’ Linux Vulnerability in the Wild

Categories

Featured

Archives

Latest Comments

About Us

Contact Us