PwnKit Vulnerability

Share This Post

PwnKit Vulnerability

Researches at Qualys have discovered a local privilege escalation vulnerability in all distributions of Linux. This vulnerability appears to be trivial to exploit, though it does require some level of “local” access (could potentially be used with SSH or other remote-control methods) for execution.

Proof of Concept exploits have been developed and released. Exploitation is likely at this point. Patches have been released and should be applied.

Qualys Report: https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034



Reach out to our incident response team for help

More To Explore

Information Security News – 7/13/26

Fake IT bods on Microsoft Teams coax workers into installing malware Article Link: https://www.theregister.com/cyber-crime/2026/07/07/fake-it-bods-on-microsoft-teams-coax-workers-into-installing-malware/5267610 Phishing poses as big-brand job interview to steal Google accounts Article

Information Security News – 07/06/26

SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation Article Link: https://thehackernews.com/2026/07/sharepoint-rce-cve-2026-45659-added-to.html ‘Djinn’ Stealer Targets Cloud, AI Credentials Article Link: https://www.darkreading.com/cyberattacks-data-breaches/djinn-stealer-targets-cloud-ai-credentials ChocoPoC Malware Targets

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.