ZEVENET not affected by PwnKit (CVE-2021-4034)

Posted by Zevenet | 28 January, 2022 | Announces

The ZEVENET Team is glad to announce that Enterprise Appliances (in all their platforms Virtual, Baremetal, Hardware or Cloud) are not affected by the 12 year vulnerability found in Linux systems called PwnKit that permits a local privilege escalation discovered in polkit’s pkexec and registered as CVE-2021-4034. ZEVENET Community Edition is also not affected by this vulnerability as the vulnerable package PolicyKit is not installed in ZEVENET systems by default.

In order to ensure that your system does not include the vulnerable package, please execute the following command and it should not return any data:

root~$ dpkg -l | grep policykit

Nevertheless, please confirm with our Support Team in order to ensure that your system doesn’t have it included as a custom feature.

Please refer to the following link for furhter information about this vulnerability.
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034

SHARE ON:

Related Blogs

Posted by zenweb | 11 May 2022
Hello everyone, ZEVENET is glad of announcing that Community Edition 5.12 has been released. New features: [webgui] new web GUI with new Angular technology v12 [ssl] letsencrypt integration [lslb] http:…
34 LikesComments Off on ZEVENET CE 5.12 Released
Posted by zenweb | 07 February 2022
After several months of hard work of development and QA, the ZEVENET Team is glad to announce the release of the Enterprise Edition 6.2. This release includes high evolution of…
47 LikesComments Off on ZEVENET Enterprise Edition 6.2 Released!
Posted by zenweb | 09 February 2021
The ZEVENET Team invites you to discover the amazing challenging plan in regards to new features, research & developments, as well as the design of new products line. This roadmap…
187 LikesComments Off on ZEVENET Roadmap 2021