Serious PwnKit flaw in default Linux installations requires urgent patching

Read Time:34 Second

Security researchers have found a privilege escalation vulnerability in pkexec, a tool that’s present by default on many Linux installations. The flaw, called PwnKit, could allow attackers to easily gain root privileges on systems if they have access to a regular user without administrative privileges.

Researchers from security firm Qualys who discovered and reported the vulnerability were able to confirm it is exploitable in default configurations on some of the most popular Linux distributions including Ubuntu, Debian, Fedora and CentOS. They believe others are likely impacted as well, since the vulnerable code has existed in pkexec since the tool’s first version, over 12 years ago.

To read this article in full, please click here

Generated by Feedzy

Cyber Security News

China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers

SharePoint Phishing Scam Targets 1600 Across US, Europe

Europe’s transport sector terrorised by ransomware, data theft, and denial-of-service attacks

Security at the core of Intel’s new vPro platform

New Post-Exploitation Attack Method Found Affecting Okta Passwords

Fake GPT Chrome extension steals Facebook session cookies, breaks into accounts

Critical flaw in AI testing framework MLflow can lead to server and data compromise

New vulnerabilities found in industrial control systems of major vendors

Mass Ransomware Attack