Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2021-4034 First vendor Publication 2022-01-28
Vendor Cve Last vendor Modification 2023-11-07

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Overall CVSS Score 7.8
Base Score 7.8 Environmental Score 7.8
impact SubScore 5.9 Temporal Score 7.8
Exploitabality Sub Score 1.8
 
Attack Vector Local Attack Complexity Low
Privileges Required Low User Interaction None
Scope Unchanged Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 7.2 Attack Range Local
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 3.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-787 Out-of-bounds Write (CWE/SANS Top 25)
50 % CWE-125 Out-of-bounds Read

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 2
Application 1
Application 3
Application 2
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Application 1
Os 5
Os 1
Os 1
Os 1
Os 2
Os 2
Os 1
Os 2
Os 3
Os 1
Os 2
Os 6
Os 1
Os 4
Os 3
Os 1
Os 1
Os 2
Os 1

SAINT Exploits

Description Link
Polkit pkexec privilege elevation More info here

Metasploit Database

id Description
2022-01-25 Local Privilege Escalation in polkits pkexec

Sources (Detail)

Source Url
CONFIRM https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf
MISC http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Esc...
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalatio...
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c77...
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major...
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://www.suse.com/support/kb/doc/?id=000020564

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Date Informations
2023-11-07 21:32:59
  • Multiple Updates
2023-10-18 09:27:52
  • Multiple Updates
2023-09-12 00:28:02
  • Multiple Updates
2023-02-14 05:27:33
  • Multiple Updates
2023-02-03 05:27:39
  • Multiple Updates
2022-10-25 21:27:29
  • Multiple Updates
2022-10-12 05:27:33
  • Multiple Updates
2022-10-05 21:27:34
  • Multiple Updates
2022-06-14 17:27:25
  • Multiple Updates
2022-04-20 09:23:08
  • Multiple Updates
2022-04-18 13:23:08
  • Multiple Updates
2022-04-14 21:23:08
  • Multiple Updates
2022-03-05 00:23:10
  • Multiple Updates
2022-03-04 00:23:09
  • Multiple Updates
2022-03-03 17:22:57
  • Multiple Updates
2022-01-31 21:22:53
  • Multiple Updates
2022-01-29 09:22:53
  • Multiple Updates
2022-01-29 00:22:52
  • First insertion