• Local Privilege Escalation in polkits pkexec
    Disclosure Date: 2022-01-25
    First seen: 2022-12-23
    exploit/linux/local/cve_2021_4034_pwnkit_lpe_pkexec
    A bug exists in the polkit pkexec binary in how it processes arguments. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent. Authors: - Qualys Security - Andris Raugulis - Dhiraj Mishra - bwatters-r7
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!