Security researchers have found a privilege escalation vulnerability in pkexec, a tool that’s present by default on many Linux installations. The flaw, called PwnKit, could allow attackers to easily gain root privileges on systems if they have access to a regular user without administrative privileges.
Researchers from security firm Qualys who discovered and reported the vulnerability were able to confirm it is exploitable in default configurations on some of the most popular Linux distributions including Ubuntu, Debian, Fedora and CentOS. They believe others are likely impacted as well, since the vulnerable code has existed in pkexec since the tool’s first version, over 12 years ago.
To read this article in full, please click here
More Stories
Digital Car Keys Are Coming
Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about...
Undetected Android Trojan Expands Attack on Iranian Banks
Zimperium’s latest findings include the identification of 245 new app variants Read More
Ardent Health Services Grapples With Ransomware Disruption
Non-urgent procedures are being rescheduled, emergency room patients redirected to other hospitals Read More
ID Theft Service Resold Access to USInfoSearch Data
One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data...
Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds
AI-powered tools are among the top fraud techniques used by threat actors in 2023, according to Sumsub’s third annual Identity...
iOS 17 NameDrop privacy scare: What you need to know
Warnings are spreading on social media about NameDrop, a new way for iPhone users to quickly share their contact information...