Security Advisory Detail

Polkit pkexec Local Privilege Escalation Vulnerability (CVE-2021-4034)

Advisory ID
WGSA-2022-00001
CVE
CVE-2021-4034
Impact
High
Status
Not Applicable
Product Family
WatchGuard Cloud
Published Date
Updated Date
Workaround Available
True
CVSS Score
7.8
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary

On 25 January 2022, researchers at Qualys revealed a memory corruption vulnerability in Polkit’s pkexec tool, present in most major Linux distributions since 2009. An attacker with local access to a vulnerable system could exploit this vulnerability to elevate their privileges to root. Polkit (previously known as PolicyKit) is used for inter-process communication between privileged and non-privileged processes on Linux systems. The pkexec command is used by authorized users to execute commands at elevated privileges (like using sudo).

WatchGuard is currently reviewing all of its products and services and so far has determined that none of its products and services are vulnerable to CVE-2021-4034 (PwnKit).

Affected

Firebox Appliances, WatchGuard System Manager, Dimension, and TDR

All WatchGuard Firebox appliances, WatchGuard System Manager, Dimension, and TDR are not affected by this vulnerability.

Wireless APs

WatchGuard Wireless APs are not affected by this vulnerability.

Watchguard Cloud

WatchGuard Cloud is not affected by this vulnerability.

WatchGuard EPDR and Panda AD360

WatchGuard EPDR and Panda AD360 are not affected by this vulnerability.

WatchGuard DNSWatch

Some systems in WatchGuard's DNSWatch cloud infrastructure were running vulnerable versions of PolKit. We have patched these systems and have found no evidence of attempted exploit.

Advisory Product List
Product Family
Product Branch
Product List
WatchGuard Cloud
DNSWatch
DNSWatch