Event ID: 112

Event Time: Jan, 26, 2022, 04:33 PM

Rule Name: SOC162 - Pwnkit (CVE-2021-4034) Detected - Auditd (pkexec)

Alert Type: Generic

Real World Example:⭐ A 12-year-old vulnerability (CVE-2021-4034) has been discovered in the Polkit utility that could allow unprivileged attackers to gain root access to targeted Linux systems.

Severity: High

Incident Responder