Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-4034

Date: January 27, 2022

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Language: C

Severity Score

Related Resources (15)

http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683
https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034
https://access.redhat.com/security/cve/CVE-2021-4034
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://nvd.nist.gov/vuln/detail/CVE-2021-4034
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/
https://www.suse.com/support/kb/doc/?id=000020564
https://www.mend.io/vulnerability-database/CVE-2021-4034

Severity Score

Weakness Type (CWE)

Improper Access Control

CWE-284

Out-of-bounds Read

CWE-125

Out-of-bounds Write

CWE-787

CVSS v3.1

Base Score:
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): LOW
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

CVSS v2

Base Score:
Access Vector (AV): LOCAL
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): COMPLETE
Integrity (I): COMPLETE
Availability (A): COMPLETE
Additional information:

Do you need more information?

Contact Us