← voltar
CVE-2021-3560

CVE-2021-3560

CVSS 7.8 HIGHEPSS 22.2%● KEVCWE-863
Em resumo

O polkit, uma ferramenta que controla quem pode executar tarefas sensíveis, pode ser enganado para permitir que usuários sem privilégios ganhem acesso como administrador. Um atacante poderia explorar isso para criar contas de administrador ou assumir controle total do sistema.

Detalhe técnico

CVE-2021-3560 é uma vulnerabilidade de escalação de privilégio na validação de credenciais do polkit via D-Bus (CWE-863). Um atacante local sem privilégios pode contornar verificações de autorização através de requisições D-Bus manipuladas, obtendo privilégios de root sem autenticação adequada. Afeta confidencialidade, integridade e disponibilidade do sistema.

Resumo gerado e traduzido por IA a partir da descrição oficial.
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
n/a · polkit
PoCs públicas encontradas34
githubgithub.com/Almorabea/Polkit-exploit127githubgithub.com/secnigma/CVE-2021-3560-Polkit-Privilege-Esclation124githubgithub.com/RicterZ/CVE-2021-3560-Authentication-Agent116githubgithub.com/swapravo/polkadots82githubgithub.com/hakivvi/CVE-2021-356040githubgithub.com/winmin/CVE-2021-356025githubgithub.com/AssassinUKG/Polkit-CVE-2021-356024githubgithub.com/UNICORDev/exploit-CVE-2021-356012githubgithub.com/0dayNinja/CVE-2021-35609githubgithub.com/chenaotian/CVE-2021-35609githubgithub.com/aancw/polkit-auto-exploit5githubgithub.com/BizarreLove/CVE-2021-35602githubgithub.com/Kyyomaa/CVE-2021-3560-EXPLOIT2githubgithub.com/cpu0x00/CVE-2021-35602githubgithub.com/LucasPDiniz/CVE-2021-35602githubgithub.com/Jeanback1/CVE-2021-3560-exploit0githubgithub.com/yutasato88/CVE-2021-3560-PolkitPrivilegeEsclation0githubgithub.com/adakoifman/CVE-2021-35600githubgithub.com/iSTAR-Lab/CVE-2021-3560_PoC0githubgithub.com/curtishoughton/CVE-2021-35600githubgithub.com/admin-079/CVE-2021-35600githubgithub.com/asepsaepdin/CVE-2021-35600githubgithub.com/pashayogi/ROOT-CVE-2021-35600githubgithub.com/TieuLong21Prosper/CVE-2021-35600githubgithub.com/markyu0401/CVE-2021-3560-Polkit-Privilege-Escalation0githubgithub.com/arcslash/exploit_CVE-2021-35600githubgithub.com/titusG85/SideWinder-Exploit0githubgithub.com/MandipJoshi/CVE-2021-35600githubgithub.com/Antoine-MANTIS/POC-Bash-CVE-2021-35600githubgithub.com/SeimuPVE/CVE-2021-3560_Polkit0githubgithub.com/realatharva15/polkit-CVE-2021-3560_writeup0exploitdbwww.exploit-db.com/exploits/50011não verificadocve_referencepacketstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.htmlnão verificadocve_referencepacketstormsecurity.com/files/172836/polkit-Authentication-Bypass.htmlnão verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.htmlhttp://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1961710https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-3560