Skip main navigation (Press Enter).
Log In
Toggle navigation
Search Options
Log In
Home
Join us
Membership (Individual)
Business Membership
Fact Sheet
Communities
Learn
Events
Cyber Mentor Match Program
Career Tips
How to stay safe
Tips for consumers
Tips for children
Tips for businesses
Research
Telus (Sponsored)
Library
Blog
Podcasts
Programs
Canadian Cybersecurity Programs
Coaching
Business Programs
SMB Power Program
Cyber Event SOAR Pack
Government Programs
Mitacs - Supercharge your business
Jobs & Career
Jobs
Cyber Student Portal - new
Cyber Faculty Teacher Directory
Volunteer opportunities
News
About
Our Story
Partner with us
Advisory Board
Cyber Speakers
Cyber Heroes Fund
Sponsors
2023 Sponsorship Opportunities
Contact
FAQ
Introductory Advertising Rates
Mentor Pages
Cyber Mentor Match Program
Mentor Match Instructions
Mentoring Enrollment Pages
Enroll as a Mentor
Enroll as a Mentee
Mentor Match FAQs
Canadian Cybersecurity Community
×
Community Home
Threads
269
Library
14
Blogs
3
Events
0
Members
1.7K
Back to discussions
Expand all
|
Collapse all
CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild
1.
CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild
0
Recommend
Dylan D'Silva
Posted 07-04-2022 13:01
Options Dropdown
The issue, tracked as
CVE-2021-4034
(CVSS score: 7.8), came to light in January 2022 and concerns a case of
local privilege escalation
in polkit's pkexec utility, which allows an authorized user to execute commands as another user.
Polkit (formerly called PolicyKit) is a toolkit for controlling system-wide privileges in Unix-like operating systems, and provides a mechanism for non-privileged processes to communicate with privileged processes.
See CISA's Known Exploited Vulnerabilities Catalog -
Known Exploited Vulnerabilities Catalog
Also note that you can subscribe to receive Bulletins as they're published from CISA -->
Cybersecurity and Infrastructure Security Agency
https://thehackernews.com/2022/06/cisa-warns-of-active-exploitation-of.html
------------------------------
Dylan D'Silva
Security Researcher
Tripwire
------------------------------
×
New Best Answer
This thread already has a best answer. Would you like to mark this message as the new best answer?
Related Content
CISA Warns of Active Exploitation of Palo Alto Networks' PAN-OS Vulnerability
Dylan D'Silva
Added 08-23-2022
Discussion Thread
0
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
Dylan D'Silva
Added 07-02-2022
Discussion Thread
0
Google Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the Wild
Cyber News CCN
Added 11-21-2022
Discussion Thread
0
"As Nasty as Dirty Pipe" - 8 Year Old Linux Kernel Vulnerability Uncovered
Dylan D'Silva
Added 08-23-2022
Discussion Thread
0
NSA, CISA, FBI Reveal Top CVEs Exploited by Chinese State-Sponsored Actors
Cyber News CCN
Added 10-07-2022
Discussion Thread
1
Contact Us
Membership
Join now
Learn More
About Us
About Us
Directory
Copyright 2022. All rights reserved.
Powered by Higher Logic