The Cybersecurity and Infrastructure Security Agency has updated its Known Exploited Vulnerabilities Catalog with eight new vulnerabilities. One of them is a high-severity Linux vulnerability, named PwnKit, which is being exploited in the wild. The vulnerability, tracked as CVE-2021-4034, is found in Polkit's pkexec component, which is used by many major distros such as Ubuntu, Debian, Fedora, and CentOS.
Hidden in plain sight for 12 years
CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities.
According to the announcement by Qualys, which discovered the vulnerability, it had been hiding in plain sight for over 12 years, since its first release in 2009. This also means that all Polkit versions are affected. Shortly after Qualys shared the details of the vulnerability, proof-of-concept exploit code was shared online.
When exploited, PwnKit allows unprivileged users to gain full root privileges on Linux systems. CISA and security experts are urging administrators to apply the patches released by Polkit. All Federal Civilian Executive Branch agencies now have until July 18 to patch their Linux servers to reduce the attack surface.