all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

A Vulnerability in Polkit's pkexec Component Could Allow For Local Privilege Escalation

Add to bookmarks
Jan. 26, 2022, 2:33 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. Polkit is installed by default on all major Linux distributions. Successful exploitation of this vulnerability could result in privilege escalation to root privileges.

escalation local pkexec polkit privilege privilege escalation vulnerability

Visit resource

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Oracle Quarterly Critical Patches Issued April 16, 2024 2 days, 3 hours ago | www.cisecurity.org
april code code execution critical +7
Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution 2 days, 6 hours ago | www.cisecurity.org
authentication avalanche code code execution +23
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution 2 days, 11 hours ago | www.cisecurity.org
attacker chrome code code execution +9
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution 3 days, 8 hours ago | www.cisecurity.org
access arbitrary code arbitrary code execution browser +17
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution 1 week ago | www.cisecurity.org
alto arbitrary code arbitrary code execution code +16
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution 1 week, 2 days ago | www.cisecurity.org
arbitrary code arbitrary code execution attacker chrome +9
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution 1 week, 3 days ago | www.cisecurity.org
adobe adobe after effects adobe commerce after effects +14
Critical Patches Issued for Microsoft Products, April 09, 2024 1 week, 3 days ago | www.cisecurity.org
accounts april attacker change +14
A Vulnerability in Broadcom Brocade Fabric OS Could Allow for Arbitrary Code Execution 2 weeks ago | www.cisecurity.org
arbitrary code arbitrary code execution area broadcom +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Solution Architect

@ Civica | London, England, United Kingdom
View on infosec-jobs.com

Information Security Officer (80-100%)

@ SIX Group | Zurich, CH
View on infosec-jobs.com

Cloud Information Systems Security Engineer

@ Analytic Solutions Group | Chantilly, Virginia, United States
View on infosec-jobs.com

SRE Engineer & Security Software Administrator

@ Talan | Mexico City, Spain
View on infosec-jobs.com
View more jobs