all InfoSec news
A Vulnerability in Polkit's pkexec Component Could Allow For Local Privilege Escalation
Jan. 26, 2022, 2:33 a.m. |
Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org
A vulnerability in Polkit's pkexec component could allow for local privilege escalation. Polkit (formerly PolicyKit) is a component for controlling system-wide privileges in Unix-like operating systems. It provides an organized way for non-privileged processes to communicate with privileged ones. Polkit is installed by default on all major Linux distributions. Successful exploitation of this vulnerability could result in privilege escalation to root privileges.
escalation local pkexec polkit privilege privilege escalation vulnerability
More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Solution Architect
@ Civica | London, England, United Kingdom
Information Security Officer (80-100%)
@ SIX Group | Zurich, CH
Cloud Information Systems Security Engineer
@ Analytic Solutions Group | Chantilly, Virginia, United States
SRE Engineer & Security Software Administrator
@ Talan | Mexico City, Spain