CVE-2021-3560
HIGH severity · CVSS 7.8 · Incorrect authorization · actively exploited (CISA KEV)
7.8CVSS HIGH ● exploited
🔴 Actively exploited in the wild (CISA Known Exploited Vulnerabilities).
Added to KEV 2023-05-12. US federal agencies must patch by 2023-06-02.
Summary
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Impact & exploitability
Attack vectorLocal
Attack complexityLow
Privileges requiredLow
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)9%
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products we track (2)
Recommendation
This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.
Official patch: https://bugzilla.redhat.com/show_bug.cgi?id=1961710 ↗
Additional information
- NVD record
- https://bugzilla.redhat.com/show_bug.cgi?id=1961710Patch
- https://bugzilla.redhat.com/show_bug.cgi?id=1961710Patch
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.htmlAdvisory
- http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.htmlAdvisory
- http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.htmlAdvisory
- http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.htmlAdvisory
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/Advisory
- https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/Advisory