Polkit pkexec Local Privilege Escalation Vulnerability (CVE-2021-4034)
On 25 January 2022, researchers at Qualys revealed a memory corruption vulnerability in Polkit’s pkexec tool, present in most major Linux distributions since 2009. An attacker with local access to a vulnerable system could exploit this vulnerability to elevate their privileges to root. Polkit (previously known as PolicyKit) is used for inter-process communication between privileged and non-privileged processes on Linux systems. The pkexec command is used by authorized users to execute commands at elevated privileges (like using sudo).
WatchGuard is currently reviewing all of its products and services and so far has determined that none of its products and services are vulnerable to CVE-2021-4034 (PwnKit).
Firebox Appliances, WatchGuard System Manager, Dimension, and TDR
All WatchGuard Firebox appliances, WatchGuard System Manager, Dimension, and TDR are not affected by this vulnerability.
WatchGuard Wireless APs are not affected by this vulnerability.
WatchGuard Cloud is not affected by this vulnerability.
WatchGuard EPDR and Panda AD360
WatchGuard EPDR and Panda AD360 are not affected by this vulnerability.
Some systems in WatchGuard's DNSWatch cloud infrastructure were running vulnerable versions of PolKit. We have patched these systems and have found no evidence of attempted exploit.