WID-SEC-W-2023-0426
PUBLISHED
CVSS 8.7 HIGH
IBM Spectrum Protect is a centralized backup solution for systems on the network.
Risk Scores
CVSS 4.0
8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| IBM | Maximo Asset Management | 7.6.1.2 |
| IBM | Spectrum Protect Plus | <10.1.6.4 |
| IBM | Spectrum Protect Plus | 10.1.6.4 |
| IBM | Spectrum Protect | |
| IBM | Maximo Asset Management | 7.6.1.3 |
Exploit Intelligence
- The exploit to obtain root used the CVE-2021-4034 vulnerability, also called PwnKit, which allows a privilege escalation from an existing shell, provided the pkexec version is equal to or lower than v0.105 (github-poc-repo)
- The exploit to obtain root used the CVE-2021-4034 vulnerability, also called PwnKit, which allows a privilege escalation from an existing shell, provided the pkexec version is equal to or lower than v0.105 (github-poc)
- usmansec/-CVE-2021-4034 (github-poc-repo)
- usmansec/-CVE-2021-4034 (github-poc)
- PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec in Python (github-poc)
- Advanced Linux Privilege Escalation research on CVE-2021-4034 (PwnKit). Features an optimized exploit with 7 polymorphic payload modes (Interactive Shell, Backdoor, User Creation, Reverse Shell, etc). Portfolio piece focused on memory corruption logic, environment variable manipulation, and anti-forensic techniques. (github-poc-repo)
- Advanced Linux Privilege Escalation research on CVE-2021-4034 (PwnKit). Features an optimized exploit with 7 polymorphic payload modes (Interactive Shell, Backdoor, User Creation, Reverse Shell, etc). Portfolio piece focused on memory corruption logic, environment variable manipulation, and anti-forensic techniques. (github-poc)
- Leemyunglyul/cve-2021-4034-mock (github-poc-repo)
- Leemyunglyul/cve-2021-4034-mock (github-poc)
- PoC for PwnKit / CVE-2021-4034 - Pkexec Local Privilege Escalation (github-poc-repo)
…and 182 more exploits
Timeline
- Mar 13, 2022 CVE Published
- Dec 8, 2023 PoC Published
- Mar 1, 2024 PoC Published
- Jul 14, 2024 PoC Published
- Jul 17, 2024 PoC Published
- Oct 31, 2024 PoC Published
- Dec 27, 2024 PoC Published
- Jan 6, 2025 CVE Updated
- Feb 12, 2025 PoC Published
- Feb 13, 2025 PoC Published
- Sep 19, 2025 PoC Published
- Sep 26, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2023-0426.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0426 advisory
- https://www.ibm.com/support/pages/node/6562989 url
- https://www.ibm.com/support/pages/node/6562383 url
- https://www.ibm.com/support/pages/node/6562855 url
- https://www.ibm.com/support/pages/node/6562401 url
- https://www.ibm.com/support/pages/node/6562919 url
- https://www.ibm.com/support/pages/node/6562873 url
- https://www.ibm.com/support/pages/node/6562843 url
- https://www.ibm.com/support/pages/node/6562405 url
- https://www.ibm.com/support/pages/node/6956658 url
- https://www.ibm.com/support/pages/node/7180361 url