CVE-2021-4034

Pkexec - Pwnkit - Local Privilege Escalation

Pwnkit, Polkit - Local Privilege Escalation - Python - Redhat

Vulnerability --> pkexec /

The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands.

Score: CVSS v2.0: 7.2 // CVSS v3.x: 7.8

Shows on:

• HTB-Fulcrum

#Look for it 
find / -perm -4000 -type f 2>/dev/null

POC:

GitHub - joeammond/CVE-2021-4034: Python exploit code for CVE-2021-4034 (pwnkit)GitHub

Resources:

CVE - CVE-2021-4034

NVD - cve-2021-4034