CVE-2021-4034

KEV
Published: Gen 28, 2022 Last Modified: Nov 06, 2025
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH 7,2
Source: [email protected]
Access Vector: local
Access Complexity: low
Authentication: none
Confidentiality: complete
Integrity: complete
Availability: complete

Description

AI Translation Available

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,8844
Percentile
1,0th
Updated

EPSS Score Trend (Last 90 Days)

125

Out-of-bounds Read

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Availability Other
Potential Impacts:
Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context
Applicable Platforms
Languages: C, C++, Memory-Unsafe
Technologies: ICS/OT
View CWE Details
787

Out-of-bounds Write

Draft
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Other
Potential Impacts:
Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State
Applicable Platforms
Languages: Assembly, C, C++, Memory-Unsafe
Technologies: ICS/OT
Likelihood of Exploit: High
View CWE Details
Exploit

PolicyKit-1 0.105-31 - Privilege Escalation

PolicyKit-1 0.105-31 - Privilege Escalation

Author: Lance Biggerstaff Published:
View Exploit Code →
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 15
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:-:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems Eus
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Starwind Virtual San by Starwindsoftware

Product Information
Vendor Starwindsoftware
Product Starwind Virtual San
Version v8
cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 7.7
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Big Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Big Endian
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 18.04
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Workstation Extension by Suse

Product Information
Vendor Suse
Product Linux Enterprise Workstation Extension
Version 12
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Desktop by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Desktop
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Scientific Computing by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Scientific Computing
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian
Version 8.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 8.1
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 7.7
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 16.04
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 14.04
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Workstation by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Workstation
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Eus
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems
Version 8.0
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Desktop by Suse

Product Information
Vendor Suse
Product Linux Enterprise Desktop
Version 15
cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian Eus
Version 8.1
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 20.04
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian Eus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 7.3
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Manager Proxy by Suse

Product Information
Vendor Suse
Product Manager Proxy
Version 4.1
cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server
Version 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Scalance Lpe9403 Firmware by Siemens

Product Information
Vendor Siemens
Product Scalance Lpe9403 Firmware
Version Range Affected
To 2.0 (exclusive)
cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Ubuntu Linux by Canonical

Product Information
Vendor Canonical
Product Ubuntu Linux
Version 21.10
cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Http Server by Oracle

Product Information
Vendor Oracle
Product Http Server
Version 12.2.1.4.0
cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Command Center by Starwindsoftware

Product Information
Vendor Starwindsoftware
Product Command Center
Version 1.0
cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 7.6
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Manager Server by Suse

Product Information
Vendor Suse
Product Manager Server
Version 4.1
cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Tus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Tus
Version 7.6
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 7.6
cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Linux Enterprise High Performance Computing by Suse

Product Information
Vendor Suse
Product Linux Enterprise High Performance Computing
Version 15.0
cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Sinumerik Edge by Siemens

Product Information
Vendor Siemens
Product Sinumerik Edge
Version Range Affected
To 3.3.0 (exclusive)
cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Zfs Storage Appliance Kit by Oracle

Product Information
Vendor Oracle
Product Zfs Storage Appliance Kit
Version 8.8
cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 7.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Http Server by Oracle

Product Information
Vendor Oracle
Product Http Server
Version 12.2.1.3.0
cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server Aus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Aus
Version 8.4
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian Eus by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian Eus
Version 8.2
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Enterprise Linux Server Update Services For Sap Solutions by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server Update Services For Sap Solutions
Version 7.7
cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Polkit by Polkit Project

Product Information
Vendor Polkit Project
Product Polkit
Version Range Affected
To 121 (exclusive)
cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux
Version 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Enterprise Server by Suse

Product Information
Vendor Suse
Product Linux Enterprise Server
Version 15
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:sap:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Enterprise Storage by Suse

Product Information
Vendor Suse
Product Enterprise Storage
Version 7.0
cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021…
http://packetstormsecurity.com/files/166196/Polkit-pkexec-L…
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escal…
http://packetstormsecurity.com/files/166200/Polkit-pkexec-P…
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.…
https://access.redhat.com/security/vulnerabilities/RHSB-202…
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.…
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5…
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d…
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.secpod.com/blog/local-privilege-escalation-vuln…
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-l…
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://www.suse.com/support/kb/doc/?id=000020564
https://www.suse.com/support/kb/doc/?id=000020564
https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cv…
https://www.vicarius.io/vsociety/posts/pwnkit-pkexec-lpe-cve-2021-4034
http://packetstormsecurity.com/files/166196/Polkit-pkexec-L…
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escal…
http://packetstormsecurity.com/files/166200/Polkit-pkexec-P…
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.…
https://access.redhat.com/security/vulnerabilities/RHSB-202…
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://bugzilla.redhat.com/show_bug.cgi?id=2025869
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.…
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5…
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d…
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.secpod.com/blog/local-privilege-escalation-vuln…
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-l…
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://www.starwindsoftware.com/security/sw-20220818-0001/
https://www.suse.com/support/kb/doc/?id=000020564
https://www.suse.com/support/kb/doc/?id=000020564