LetsDefend Monitoring Alert

Pwnkit (CVE-2021-4034) Detected

Jan, 26, 2022, 04:33 PM

Event ID: 112

Event Time: Jan, 26, 2022, 04:33 PM

Rule Name: SOC162 - Pwnkit (CVE-2021-4034) Detected - Auditd (pkexec)

Alert Type: Generic

MITRE Technique:
T1491 - Impact - Defacement,

Real World Example:A 12-year-old vulnerability (CVE-2021-4034) has been discovered in the Polkit utility that could allow unprivileged attackers to gain root access to targeted Linux systems.

Severity: High

Incident Responder

2024 © LetsDefend

45305 Catalina ct. Suite 150, Sterling VA 20166