[MART] - Daily Diary #439 - Local Privilege Escalation Vulnerability Discovered In pkexec

[CTAS-MAT]

Hello,

I hope everyone is doing well!

Below is the entry for today.

01/26/2022 - Diary entry #439:

Pkexec is a binary that is default on every major Linux distribution. It allows an authorized user to execute a program as another user, providing a way for non-privileged processes to communicate with privileged processes. Yesterday, a new memory corruption vulnerability has been responsibly disclosed. Tracked as CVE-2021-4034 and named PwnKit, it results in Local Privilege Escalation.

This vulnerability received a severity score of 7.8 and allows any unprivileged user to gain full root privileges by exploiting this vulnerability in its default configuration. It has been hidden for more than 12 years, affecting all versions of pkexec since its first version in May 2009. It's very easy to exploit and a Proof-of-Concept was already published on Github.

Since it affects different architectures and is very easy to exploit, we expect threat actors to use it during their attacks. It's important to note that security patches were already released, so it's mandatory to keep all affected operating systems updated.

Kind Regards,

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/logo@2x.png]<https://www.appgate.com/>

[https://d3aafpijpsak2t.cloudfront.net/images/Signature/likedin@2x.png]<https://www.linkedin.com/company/appgate-security/>     [https://d3aafpijpsak2t.cloudfront.net/images/Signature/twitter@2x.png] <https://twitter.com/AppgateSecurity>   [https://d3aafpijpsak2t.cloudfront.net/images/Signature/youtube@2x.png] <https://www.youtube.com/channel/UC-8GvxcZbm-R3EJNl8jYjiQ>



Felipe Tarijon de Almeida
Malware Analyst
Appgate

E: felipe.tarijon at appgate.com<mailto:felipe.tarijon at appgate.com>
C: +55 11 97467 9549

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/mart/attachments/20220126/ad05488b/attachment.htm>