Security News > 2022 > July > CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation.
Polkit is a toolkit for controlling system-wide privileges in Unix-like operating systems, and provides a mechanism for non-privileged processes to communicate with privileged processes.
Successful exploitation of the flaw could induce pkexec to execute arbitrary code, granting an unprivileged attacker administrative rights on the target machine and compromising the host.
It's not immediately clear how the vulnerability is being weaponized in the wild, nor is there any information on the identity of the threat actor that may be exploiting it.
The agency added the newly disclosed Mitel VoIP zero-day as well as five Apple iOS vulnerabilities that were recently uncovered as having been abused by Italian spyware vendor RCS Lab.
Federal Civilian Executive Branch Agencies are required to mandatorily patch the flaw by July 18, 2022.
News URL
https://thehackernews.com/2022/06/cisa-warns-of-active-exploitation-of.html
Related news
- CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)