← Voltar para CVEs
CVE-2021-4034
HIGHCISA KEV7.8
Descricao
A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.
Detalhes CVE
Pontuacao CVSS v3.17.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado1/28/2022
Ultima modificacao11/6/2025
Fontekev
Avistamentos honeypot0
CISA KEV
FornecedorRed Hat
ProdutoPolkit
Nome da vulnerabilidadeRed Hat Polkit Out-of-Bounds Read and Write Vulnerability
Data inclusao KEV2022-06-27
Prazo de remediacao2022-07-18
Uso em ransomwareUnknown
Produtos afetados
canonical:ubuntu_linuxoracle:http_serveroracle:zfs_storage_appliance_kitpolkit_project:polkitredhat:enterprise_linuxredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_big_endianredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_for_scientific_computingredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_eusredhat:enterprise_linux_server_tusredhat:enterprise_linux_server_update_services_for_sap_solutionsredhat:enterprise_linux_workstationsiemens:scalance_lpe9403siemens:scalance_lpe9403_firmwaresiemens:sinumerik_edgestarwindsoftware:command_centerstarwindsoftware:starwind_virtual_sansuse:enterprise_storagesuse:linux_enterprise_desktopsuse:linux_enterprise_high_performance_computingsuse:linux_enterprise_serversuse:linux_enterprise_workstation_extensionsuse:manager_proxysuse:manager_server
Fraquezas (CWE)
CWE-787CWE-125CWE-787
Referencias
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html(secalert@redhat.com)
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html(secalert@redhat.com)
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=2025869(secalert@redhat.com)
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf(secalert@redhat.com)
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683(secalert@redhat.com)
https://www.oracle.com/security-alerts/cpuapr2022.html(secalert@redhat.com)
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt(secalert@redhat.com)
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/(secalert@redhat.com)
https://www.starwindsoftware.com/security/sw-20220818-0001/(secalert@redhat.com)
https://www.suse.com/support/kb/doc/?id=000020564(secalert@redhat.com)
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2025869(af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf(af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683(af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuapr2022.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt(af854a3a-2127-422b-91ae-364da2661108)
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/(af854a3a-2127-422b-91ae-364da2661108)
https://www.starwindsoftware.com/security/sw-20220818-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.suse.com/support/kb/doc/?id=000020564(af854a3a-2127-422b-91ae-364da2661108)
https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-4034(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.