{"vulnerability": "CVE-2021-3560", "sightings": [{"uuid": "683df2f2-5da2-463a-9429-9c57030bc416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "f935e709-ddc2-4439-b5ab-cc75730f89e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "exploited", "source": "https://www.exploit-db.com/exploits/50011", "content": "", "creation_timestamp": "2021-06-15T00:00:00.000000Z"}, {"uuid": "94255abd-5a05-4a6f-87f9-a1d3870b3322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971816", "content": "", "creation_timestamp": "2024-12-24T20:34:24.985091Z"}, {"uuid": "f7fa755a-d125-41c6-a231-3197fe3e5f1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "6451120b-ae67-4c72-86c6-33a5492e24fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://gist.github.com/shashinma/4d29c803ec30066d2b1178820b10c7fc", "content": "", "creation_timestamp": "2025-02-11T07:01:30.000000Z"}, {"uuid": "ebc14b6b-8c31-4efb-8108-f6176d052804", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:39.000000Z"}, {"uuid": "06d152cd-d2be-473a-af7a-696c780e5829", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:31.000000Z"}, {"uuid": "0a27b347-7000-43fa-be58-66ed741e60e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lq2gykpbkz2g", "content": "", "creation_timestamp": "2025-05-26T05:29:58.352432Z"}, {"uuid": "514206f5-50b6-4c8d-8fd8-7aec4fa2a75b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:00:58.000000Z"}, {"uuid": "feeb0e5d-8c5a-4089-8ed3-eda1acec45f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/polkit_dbus_auth_bypass.rb", "content": "", "creation_timestamp": "2021-07-08T22:05:22.000000Z"}, {"uuid": "9d578e7d-76d4-4127-83ba-1ebd1d4c4ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35604", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "c008b0b6-c95a-4356-b6e2-6c6417cc5024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-3560", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2acf1b60-8bdc-45a3-82f1-b983f55668f3", "content": "", "creation_timestamp": "2026-02-02T12:26:59.147649Z"}, {"uuid": "ebead635-d754-4c9c-867f-e421f08e91f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/LegeDtMxRTlSxU-E4vRWPyR6r8eVZBSkTQd0bvp4AR24yPQ", "content": "", "creation_timestamp": "2025-12-17T21:00:04.000000Z"}, {"uuid": "6e39005d-54b3-4e46-81df-cd8b0dc4435a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/378", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aAutomatic Explotation PoC for Polkit CVE-2021-3560\nURL\uff1ahttps://github.com/aancw/polkit-auto-exploit", "creation_timestamp": "2021-08-24T04:56:13.000000Z"}, {"uuid": "d5802f0d-0715-4f0e-98fa-40e7c2da4fe4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1467", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPolkit Exploit (CVE-2021-3560). Instant Root.\nURL\uff1ahttps://github.com/n3onhacks/CVE-2021-3560", "creation_timestamp": "2022-02-02T19:29:53.000000Z"}, {"uuid": "02f1486f-68dd-46b0-839f-8966d682c24e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1455", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-3560 analysis\nURL\uff1ahttps://github.com/chenaotian/CVE-2021-3560", "creation_timestamp": "2022-01-31T09:07:20.000000Z"}, {"uuid": "cfb81baa-b614-4d78-b9ef-9c4f7fc22767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/OZ23IKbQ47oGvBTE7eizQgpIhDfJ5XALPOlUhm63kbbFXAA", "content": "", "creation_timestamp": "2025-11-02T03:00:06.000000Z"}, {"uuid": "1510269a-80fb-41dc-ad8a-5f6d91bcd782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/ZslVGStVV3_lt95-hFdoeilO4jVWtTXfLdOqUzc5Cu_nctM", "content": "", "creation_timestamp": "2025-10-31T21:00:05.000000Z"}, {"uuid": "2d8f753b-25ca-424e-a33d-97f9c190b090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/129", "content": "HackTheBox:\n\n\u2014Easy Machines\u2014\n\nDriver - WinRM (evil-winrm), printnightmare CVE-2021-1675 (https://habr.com/ru/sandbox/156538/)\nhttps://0xdf.gitlab.io/2022/02/26/htb-driver.html\n\nSecret - JWT, Git source (tig), crush-dumps\nhttps://0xdf.gitlab.io/2022/03/26/htb-secret.html\n\nBackDoor - Wordpress eBook Dir Trav (https://www.exploit-db.com/exploits/39575), gdb exploit (https://www.exploit-db.com/exploits/50539, https://www.rapid7.com/db/modules/exploit/multi/gdb/gdb_server_exec/) \nhttps://0xdf.gitlab.io/2022/04/23/htb-backdoor.html\n\nPrevise - Backup, Site Reverse Shell, low-encrypted passwords\nhttps://0xdf.gitlab.io/2022/01/08/htb-previse.html\n\nBountyHunter - XXE, (root) NOPASSWD python code\nhttps://0xdf.gitlab.io/2021/11/20/htb-bountyhunter.html\n\nHorizontal - Strapi CMS 3.0.0 CVE-2019-18818/CVE-2019-19609 (https://www.exploit-db.com/exploits/50239, https://github.com/diego-tella/CVE-2019-19609-EXPLOIT), Laravel v8 (https://www.exploit-db.com/exploits/49424)\nhttps://0xdf.gitlab.io/2022/02/05/htb-horizontall.html\n\nOptimum - Windows 2012 (https://www.rapid7.com/db/modules/exploit/windows/http/rejetto_hfs_exec/, https://www.rapid7.com/db/modules/exploit/windows/local/ms16_032_secondary_logon_handle_privesc/)\nhttps://0xdf.gitlab.io/2021/03/17/htb-optimum.html\n\nLame - FTP Anonymous, SAMBA exploit (https://github.com/amriunix/CVE-2007-2447)\nhttps://0xdf.gitlab.io/2020/04/07/htb-lame.html\n\nJerry - Tomcat Default Cred, shell via .WAR\nhttps://0xdf.gitlab.io/2018/11/17/htb-jerry.html\n\nBlue - Win7 eternalblue (https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue/)\nhttps://0xdf.gitlab.io/2021/05/11/htb-blue.html\n\nDevel - Microsoft IIS httpd 7.5 reverse shell via .ASPX, MS11-046 or ms10_015_kitrap0d (https://github.com/abatchy17/WindowsExploits/tree/master/MS11-046)\nhttps://0xdf.gitlab.io/2019/03/05/htb-devel.html\n\nNetmon - PRTG Network Monitor 18.1.37.13946, Backup credentials, CVE-2018-9276 (https://github.com/A1vinSmith/CVE-2018-9276) / (https://www.exploit-db.com/exploits/46527) + evil-winrm\nhttps://0xdf.gitlab.io/2019/06/29/htb-netmon.html\n\nExplore (Android) - 59777 port CVE-2019-6447 (https://www.exploit-db.com/exploits/50070), SSH Creds on Photo, adb shell\nhttps://0xdf.gitlab.io/2021/10/30/htb-explore.html\n\nAntique - Telnet password via snmpget (https://www.irongeek.com/i.php?page=security/networkprinterhacking#JetDirect%20password%20notes), CUPS 1.6.1 (https://github.com/jpillora/chisel) \nhttps://0xdf.gitlab.io/2022/05/03/htb-antique.html\n\nReturn - evil-winrm, Server Operators in net user svc-printer /domain, sc.exe\nhttps://0xdf.gitlab.io/2022/05/05/htb-return.html\n\nGrandpa - CVE-2017-7269 (https://www.rapid7.com/db/modules/exploit/windows/iis/iis_webdav_scstoragepathfromurl/), SEImpersonalPrivilege Churrasco (https://github.com/Re4son/Churrasco/)\nhttps://0xdf.gitlab.io/2020/05/28/htb-grandpa.html\n\nBeep - ShellShock or Elastix 2.2.0 - 'graph.php' Local File Inclusion, (root) NOPASSWD nmap\nhttps://0xdf.gitlab.io/2021/02/23/htb-beep.html\n\nPandora - snmpwalk creds, CVE-2021-32099, Site Reverse Shell\nhttps://0xdf.gitlab.io/2022/05/21/htb-pandora.html\n\nPaper - WPS 5.2.3 - Cve-2019-17671 (https://www.exploit-db.com/exploits/47690, https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/), Chat Bot Dir Trav, CVE-2021-3560 (https://github.com/Almorabea/Polkit-exploit/blob/main/CVE-2021-3560.py)\nhttps://0xjin.medium.com/paper-hackthebox-write-up-2abca22d3b54\n\n\n#hackthebox #ctf", "creation_timestamp": "2022-06-18T10:22:36.000000Z"}, {"uuid": "9ebd6257-cbec-4c65-a9f4-39a09f27c814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/beaverdreamer/55", "content": "#polkit #exploit\n\u0421\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u044e\u0437\u0435\u0440 ahmed, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0435\u0433\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u043c\u0435\u043d\u0438\u0442\u044c \u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u043f\u043e \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442 :)\nhttps://raw.githubusercontent.com/Almorabea/Polkit-exploit/main/CVE-2021-3560.py", "creation_timestamp": "2022-02-17T06:24:35.000000Z"}, {"uuid": "1cb59753-9615-432b-be71-2793d15a273a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/17sx7vfyYyw5cNVTNyrGtWFmcDoHLeuKbaDi91L36vhy8Ec", "content": "", "creation_timestamp": "2025-07-07T21:00:04.000000Z"}, {"uuid": "e4630972-6d45-4219-b39d-224de87ec0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/poxek/2359", "content": "#Linux #CVE #POC\n\nPolkit Privilege Esclation\nCVE-2021-3560\n\npolkit - \u044d\u0442\u043e \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u0430\u044f \u0441\u043b\u0443\u0436\u0431\u0430, \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0432\u043e \u043c\u043d\u043e\u0433\u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u0430\u0445 Linux. \u041e\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f systemd, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043b\u044e\u0431\u043e\u0439 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432 Linux, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0439 systemd, \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 polkit.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 polkit_system_bus_name_get_creds_sync() \u0434\u0435\u043c\u043e\u043d\u0430 dbus-daemon \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Polkit \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438", "creation_timestamp": "2022-08-25T09:00:04.000000Z"}, {"uuid": "f5eec937-f2e4-47e3-a733-de1a88d290f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/211", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aExploit\n\u63cf\u8ff0\uff1aPolkit D-Bus Authentication Bypass Exploit\nURL\uff1ahttps://github.com/0Day-dev/CVE-2021-3560", "creation_timestamp": "2021-07-30T11:42:23.000000Z"}, {"uuid": "6a07e4cb-41f9-44b0-8006-1589494b7384", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/cyberbannews_ir/3348", "content": "\ud83d\uded1\u0647\u0634\u062f\u0627\u0631 \u062f\u0631 \u0645\u0648\u0631\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0627\u0628\u0632\u0627\u0631 PolKit\n\n\u06cc\u06a9 \u0645\u062d\u0642\u0642 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647 \u0646\u0627\u0645 \u00abKevin Backhouse\u00bb \u062f\u0631 \u0648\u0628\u0644\u0627\u06af \u062e\u0648\u062f \u0646\u0633\u0628\u062a \u0628\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0642\u062f\u06cc\u0645\u06cc \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 PolKit \u0647\u0634\u062f\u0627\u0631 \u062f\u0627\u062f. \n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u06a9\u0647 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 \u00abCVE-2021-3560\u00bb \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f\u060c \u0627\u0632 \u0633\u0627\u0644 2015 \u0647\u0645\u0686\u0646\u0627\u0646 \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0648 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc PolKit 0.113 \u062a\u0627 0.118 \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u062f\u0627\u062f\u0647 \u0627\u0633\u062a.\n\n\u062a\u0648\u0632\u06cc\u0639\u200c\u0647\u0627\u06cc \u0627\u0633\u062a\u0641\u0627\u062f\u0647\u200c\u06a9\u0646\u0646\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 \u0646\u06cc\u0632 \u062e\u0635\u0648\u0635\u0627 \u062a\u0648\u0632\u06cc\u0639\u200c\u0647\u0627\u06cc \u062f\u0628\u06cc\u0627\u0646 \u06a9\u0647 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc PolKit 0.105\u060c RHEL 8\u060c Fedora 21\u060c Debian \"Bullseye\" \u0648 Ubuntu 20.04 \u062f\u0631 \u0622\u0646\u200c\u0647\u0627 \u0627\u062c\u0631\u0627 \u0634\u062f\u0647\u200c\u0627\u0646\u062f \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631 \u0647\u0633\u062a\u0646\u062f. \n\n#\u0622\u0633\u06cc\u0628_\u067e\u0630\u06cc\u0631\u06cc\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/35f3h6O\n\n@cyberbannews_ir", "creation_timestamp": "2021-06-12T08:24:48.000000Z"}, {"uuid": "e8e526e7-f069-43ca-a4b1-af6b53e00f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/ctinow/35152", "content": "CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros\n\nhttps://ift.tt/3ghbI7J", "creation_timestamp": "2021-06-12T14:09:43.000000Z"}, {"uuid": "19ecba55-0118-48d9-a911-2bcb7c21cd06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/EidKnczSSqyjBcQ7sKuQ5Eq9NVHE7CjrCRWQNDH8CB5oRZc", "content": "", "creation_timestamp": "2024-04-24T17:42:10.000000Z"}, {"uuid": "a93f95b6-30f1-41e2-b079-25f29baea02a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "Telegram/hPHgDnp1pdH4sj9QFaxaJ9fY-IB8NnzLz8KIVcQH7bezm6_5", "content": "", "creation_timestamp": "2025-01-30T02:17:49.000000Z"}, {"uuid": "4dd8b5dd-03ab-470a-a9ab-7db3058f2709", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/arpsyndicate/1904", "content": "#ExploitObserverAlert\n\nCVE-2021-3560\n\nDESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\nFIRST-EPSS: 0.011770000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-18T03:45:50.000000Z"}, {"uuid": "f5818ee2-bdd0-4318-8e7f-45b8ec8eda8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/arpsyndicate/1324", "content": "#ExploitObserverAlert\n\nCVE-2021-3560\n\nDESCRIPTION: Exploit Observer has 120 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\nFIRST-EPSS: 0.011770000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T22:44:29.000000Z"}, {"uuid": "90efa395-3ead-4108-aced-01ecad137fce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/arpsyndicate/838", "content": "#ExploitObserverAlert\n\nCVE-2021-3560\n\nDESCRIPTION: Exploit Observer has 119 entries related to CVE-2021-3560. It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\nFIRST-EPSS: 0.011770000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-01T07:35:12.000000Z"}, {"uuid": "b20174e9-0ee4-46f8-9bcc-e147e115fc60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/22829", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2024-04-24T17:42:11.000000Z"}, {"uuid": "c5fa4a3a-7104-43f8-9cc4-79cfdcbe8deb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/Ke7Qtx69srUNZs11KMyAFiA7I0NF0hlyPNgwpSWisFGTfjQ", "content": "", "creation_timestamp": "2025-02-18T16:00:09.000000Z"}, {"uuid": "6a0d3ecf-8ddc-4e26-8770-3177292979ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3136", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n\ud83c\udfa9 Nearly all of GTFOBins\n\ud83c\udfa9 Writeable docker.sock\n\ud83c\udfa9 CVE-2022-0847 (Dirty pipe)\n\ud83c\udfa9 CVE-2021-4034 (pwnkit)\n\ud83c\udfa9 CVE-2021-3560\n\n\nhttps://github.com/liamg/traitor", "creation_timestamp": "2023-09-26T19:41:26.000000Z"}, {"uuid": "5cc67819-4eed-4f8b-a431-61e6a440b7f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35608", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/5992", "content": "| PRION:CVE-2018-3067 4.0 https://vulners.com/prion/PRION:CVE-2018-3067 | PRION:CVE-2018-3065 4.0 https://vulners.com/prion/PRION:CVE-2018-3065 | PRION:CVE-2018-3056 4.0 https://vulners.com/prion/PRION:CVE-2018-3056 | PRION:CVE-2018-3054 4.0 https://vulners.com/prion/PRION:CVE-2018-3054 | PRION:CVE-2019-2503 3.8 https://vulners.com/prion/PRION:CVE-2019-2503 | PRION:CVE-2023-22053 3.6 https://vulners.com/prion/PRION:CVE-2023-22053\n| PRION:CVE-2019-2739 3.6 https://vulners.com/prion/PRION:CVE-2019-2739\n| PRION:CVE-2022-21302 3.5 https://vulners.com/prion/PRION:CVE-2022-21302\n| PRION:CVE-2021-35608 3.5 https://vulners.com/prion/PRION:CVE-2021-35608 | PRION:CVE-2021-2174 3.5 https://vulners.com/prion/PRION:CVE-2021-2174\n| PRION:CVE-2021-2171 3.5 https://vulners.com/prion/PRION:CVE-2021-2171 | PRION:CVE-2020-2930 3.5 https://vulners.com/prion/PRION:CVE-2020-2930\n| PRION:CVE-2020-2926 3.5 https://vulners.com/prion/PRION:CVE-2020-2926\n| PRION:CVE-2020-2921 3.5 https://vulners.com/prion/PRION:CVE-2020-2921 | PRION:CVE-2020-2752 3.5 https://vulners.com/prion/PRION:CVE-2020-2752 | PRION:CVE-2020-2694 3.5 https://vulners.com/prion/PRION:CVE-2020-2694 | PRION:CVE-2020-2584 3.5 https://vulners.com/prion/PRION:CVE-2020-2584\n| PRION:CVE-2020-14791 3.5 https://vulners.com/prion/PRION:CVE-2020-14791\n| PRION:CVE-2020-14771 3.5 https://vulners.com/prion/PRION:CVE-2020-14771\n| PRION:CVE-2020-14550 3.5 https://vulners.com/prion/PRION:CVE-2020-14550\n| PRION:CVE-2019-3018 3.5 https://vulners.com/prion/PRION:CVE-2019-3018 | PRION:CVE-2019-2993 3.5 https://vulners.com/prion/PRION:CVE-2019-2993\n| PRION:CVE-2019-2938 3.5 https://vulners.com/prion/PRION:CVE-2019-2938\n| PRION:CVE-2019-2814 3.5 https://vulners.com/prion/PRION:CVE-2019-2814\n| PRION:CVE-2019-2743 3.5 https://vulners.com/prion/PRION:CVE-2019-2743\n| PRION:CVE-2019-2741 3.5 https://vulners.com/prion/PRION:CVE-2019-2741\n| PRION:CVE-2019-2738 3.5 https://vulners.com/prion/PRION:CVE-2019-2738 | PRION:CVE-2019-2636 3.5 https://vulners.com/prion/PRION:CVE-2019-2636\n| PRION:CVE-2019-2630 3.5 https://vulners.com/prion/PRION:CVE-2019-2630\n| PRION:CVE-2019-2623 3.5 https://vulners.com/prion/PRION:CVE-2019-2623 | PRION:CVE-2019-2617 3.5 https://vulners.com/prion/PRION:CVE-2019-2617 | PRION:CVE-2019-2614 3.5 https://vulners.com/prion/PRION:CVE-2019-2614 | PRION:CVE-2018-3284 3.5 https://vulners.com/prion/PRION:CVE-2018-3284 | PRION:CVE-2018-3283 3.5 https://vulners.com/prion/PRION:CVE-2018-3283\n| PRION:CVE-2018-3074 3.5 https://vulners.com/prion/PRION:CVE-2018-3074 | PRION:CVE-2018-3062 3.5 https://vulners.com/prion/PRION:CVE-2018-3062\n| PRION:CVE-2023-22115 3.3 https://vulners.com/prion/PRION:CVE-2023-22115\n| PRION:CVE-2023-22114 3.3 https://vulners.com/prion/PRION:CVE-2023-22114 | PRION:CVE-2023-22113 3.3 https://vulners.com/prion/PRION:CVE-2023-22113 | PRION:CVE-2023-22112 3.3 https://vulners.com/prion/PRION:CVE-2023-22112\n| PRION:CVE-2023-22111 3.3 https://vulners.com/prion/PRION:CVE-2023-22111", "creation_timestamp": "2023-11-15T16:53:23.000000Z"}, {"uuid": "e2d1cb33-8cbf-4ea9-80ab-d35e7d2ea9b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1216", "content": "Automatic Linux privesc exploitation\n\n#CVE-2021-3560 #CVE-2021-4034 #CVE-2022-0847\n#Linux #privesc #exploitation #PrivilegeEscalation\n#vulnerabilities #root #shell #Exploit #Hacking\n\nhttps://reconshell.com/automatic-linux-privesc-exploitation/", "creation_timestamp": "2022-03-12T19:48:01.000000Z"}, {"uuid": "0d0528c0-3d00-4a56-9e4e-31cc962068f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "Telegram/JGMy2HKSfAD3BUEkBfRAPBYrdj6682LBX41uJfpddYGBBQ", "content": "", "creation_timestamp": "2021-08-16T19:15:23.000000Z"}, {"uuid": "61dc6ba4-c4f9-4cdc-b385-7f4f1db719d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/10408", "content": "https://github.com/GatoGamer1155/CVE-2021-3560", "creation_timestamp": "2022-03-09T15:49:41.000000Z"}, {"uuid": "ee49057d-db21-4f1d-a7b4-ff520a5ab74d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/1808", "content": "\u041a\u0435\u0432\u0438\u043d \u0411\u044d\u043a\u0445\u0430\u0443\u0441, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c GitHub Security Lab, \u043d\u0430\u0448\u0435\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 polkit \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0440\u0443\u0442\u043e\u0432\u044b\u0435 \u043f\u0440\u0430\u0432\u0430.\n\nPolkit - \u044d\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 Ubuntu, Fedora, Red Hat \u0438 \u0434\u0440.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 CVE-2021-3560 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 3 \u0438\u044e\u043d\u044f. \u0421\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u043e\u043d\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 polkit 0.113 \u0435\u0449\u0435 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2013 \u0433\u043e\u0434\u0430 (\u0430 Baron Samedit \u0432 sudo \u043f\u0440\u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432\u0441\u0435 10 \u043b\u0435\u0442 \u0434\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f).\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0441\u0442\u0430 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u0411\u044d\u043a\u0445\u0430\u0443\u0441\u043e\u043c \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0442\u0430\u0442\u044c\u0435. \u041e\u0446\u0435\u043d\u043a\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043f\u043e CVSS - 7,8.\n\n\u0412\u0441\u0435\u043c, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b \u0441 polkit \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f (\u0445\u043e\u0442\u044f \u044d\u0442\u043e \u043d\u0435 RCE, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0438 \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435).", "creation_timestamp": "2021-06-11T12:02:00.000000Z"}, {"uuid": "f8a4e359-a7bf-43bf-961c-05d3f0c41a46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/cibsecurity/37624", "content": "\u203c CVE-2021-3560 \u203c\n\nIt was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T22:36:28.000000Z"}, {"uuid": "8ff73acb-9ed6-4320-8122-90b8d22f22d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35606", "type": "seen", "source": "https://t.me/cibsecurity/30883", "content": "\u203c CVE-2021-35606 \u203c\n\nVulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft (component: Notification Framework). Supported versions that are affected are 9.0 and 9.2. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the PeopleSoft Enterprise CS Campus Community executes to compromise PeopleSoft Enterprise CS Campus Community. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise CS Campus Community accessible data. CVSS 3.1 Base Score 5.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-20T14:41:33.000000Z"}, {"uuid": "f0126d45-60b0-4a8e-a979-3e14e42b88a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35607", "type": "seen", "source": "https://t.me/cibsecurity/30878", "content": "\u203c CVE-2021-35607 \u203c\n\nVulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.26 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-20T14:41:27.000000Z"}, {"uuid": "d1a2d8cd-8a55-441d-850c-01009141bddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/reverse_dungeon/568", "content": "\u041a\u0435\u0432\u0438\u043d \u0411\u044d\u043a\u0445\u0430\u0443\u0441, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c GitHub Security Lab, \u043d\u0430\u0448\u0435\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u043b\u0443\u0436\u0431\u0435 polkit \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0440\u0443\u0442\u043e\u0432\u044b\u0435 \u043f\u0440\u0430\u0432\u0430.\n\nPolkit - \u044d\u0442\u043e \u0441\u043b\u0443\u0436\u0431\u0430, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043d\u0435\u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 Ubuntu, Fedora, Red Hat \u0438 \u0434\u0440.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 CVE-2021-3560 \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 3 \u0438\u044e\u043d\u044f. \u0421\u0443\u0434\u044f \u043f\u043e \u0432\u0441\u0435\u043c\u0443, \u043e\u043d\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 polkit 0.113 \u0435\u0449\u0435 \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2013 \u0433\u043e\u0434\u0430 (\u0430 Baron Samedit \u0432 sudo \u043f\u0440\u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430 \u0432\u0441\u0435 10 \u043b\u0435\u0442 \u0434\u043e \u0441\u0432\u043e\u0435\u0433\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f).\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0435\u0441\u044c\u043c\u0430 \u043f\u0440\u043e\u0441\u0442\u0430 \u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0430 \u0411\u044d\u043a\u0445\u0430\u0443\u0441\u043e\u043c \u0432 \u0441\u0432\u043e\u0435\u0439 \u0441\u0442\u0430\u0442\u044c\u0435. \u041e\u0446\u0435\u043d\u043a\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043f\u043e CVSS - 7,8.\n\n\u0412\u0441\u0435\u043c, \u043a\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b \u0441 polkit \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f (\u0445\u043e\u0442\u044f \u044d\u0442\u043e \u043d\u0435 RCE, \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u0438 \u0442\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435).", "creation_timestamp": "2021-06-13T04:07:48.000000Z"}, {"uuid": "fa66a2a5-5ab7-49ce-8f29-d58fc867de6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/654", "content": "CVE-2021-3560 Polkit 0.105-26 0.117-2 \u672c\u5730\u7279\u6b0a\u63d0\u5347\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-3560_Polkit_0.105-26_0.117-2_%E6%9C%AC%E5%9C%B0%E7%89%B9%E6%AC%8A%E6%8F%90%E5%8D%87%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-16T01:37:34.000000Z"}, {"uuid": "46478907-f72f-4948-95f2-585e5fd6610b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/679", "content": "CVE-2021-3560 - \u4f7f\u7528kill\u547d\u4ee4\u9032\u884c\u6b0a\u9650\u63d0\u5347\nhttps://forums.pwnwiki.org/t/34", "creation_timestamp": "2021-06-19T09:55:48.000000Z"}, {"uuid": "013255fe-0275-46ec-9789-67fc63426cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/theninjaway1337/1371", "content": "CISA: Several Old Linux Vulnerabilities Exploited in Attacks\n\nThe US Cybersecurity and Infrastructure Security Agency (CISA) has added several Linux and Linux-related flaws to its known exploited vulnerabilities (KEV) catalog.\nThe agency\u00a0added seven new vulnerabilities\u00a0to its KEV catalog on Friday: Ruckus AP remote code execution (CVE-2023-25717), Red Hat Polkit privilege escalation (CVE-2021-3560), Linux kernel privilege escalations (CVE-2014-0196 and CVE-2010-3904), Jenkins UI information disclosure (CVE-2015-5317), Apache Tomcat remote code execution (CVE-2016-8735), and an Oracle Java SE and JRockit issue (CVE-2016-3427).\n\nhttps://www.securityweek.com/cisa-several-old-linux-vulnerabilities-exploited-in-attacks/", "creation_timestamp": "2023-05-16T15:47:20.000000Z"}, {"uuid": "f9a48f40-d3b7-4fb6-8d61-b07c2ccacd37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/theninjaway1337/1001", "content": "#linux #explot #privesc \n\nCVE-2021-3560 Local PrivEsc Exploit\n\n https://github.com/swapravo/polkadots", "creation_timestamp": "2021-06-13T15:32:20.000000Z"}, {"uuid": "7a1ca460-df84-4b8f-acb6-b6b743288f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/information_security_channel/44366", "content": "GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability\nhttp://feedproxy.google.com/~r/securityweek/~3/ixenj8Lk5tU/github-discloses-details-easy-exploit-linux-vulnerability\n\nGitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system.\nThe flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions.\nread more (https://www.securityweek.com/github-discloses-details-easy-exploit-linux-vulnerability)", "creation_timestamp": "2021-06-11T17:33:35.000000Z"}, {"uuid": "619b2498-cd4f-47fa-a594-752de2d86a66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/thehackernews/1283", "content": "A newly discovered 7-year-old Polkit vulnerability (CVE-2021-3560) could allow unprivileged Linux users to gain root access on target systems.\n\nRead: https://thehackernews.com/2021/06/7-year-old-polkit-flaw-lets.html", "creation_timestamp": "2024-12-02T15:04:13.000000Z"}, {"uuid": "7e5b41ab-a245-4d21-ab2b-a7629bc9edbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3587", "content": "#exploit\nCVE-2021-3560:\nPrivilege escalation with polkit: How to get root on Linux with a seven-year-old bug\nhttps://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug", "creation_timestamp": "2024-10-09T17:35:14.000000Z"}, {"uuid": "8311a680-13f2-4528-8b20-b371f4dea28a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3732", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (June 1-30)\nCVE-2021-1675 - Windows Print Spooler EoP\nhttps://t.me/cybersecuritytechnologies/3723\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-3560 - Privilege escalation with polkit\nhttps://t.me/cybersecuritytechnologies/3587\nCVE-2021-28476 - Hyper-V RCE in vmswitch.sys\nhttps://t.me/cybersecuritytechnologies/3514\nCVE-2020-3580 - XSS in Cisco ASA\nhttps://www.helpnetsecurity.com/2021/06/29/cve-2020-3580-exploit\nCVE-2021-31955/31956 - Windows NTFS EoP/Kernel Information Disclosure\nhttps://github.com/mavillon1/CVE-2021-31955-POC\nhttps://t.me/cybersecuritytechnologies/3705\nCVE-2021-33739 - MS DWM Core Library EoP\nhttps://t.me/cybersecuritytechnologies/3581\nCVE-2021-27850 - Apache Tapestry RCE\nhttps://t.me/cybersecuritytechnologies/3694\nCVE-2020-36289 - Atlassian Jira Unauth User Enum\nhttps://mobile.twitter.com/i/web/status/1402644004781633540", "creation_timestamp": "2021-07-01T11:03:01.000000Z"}, {"uuid": "04e2dc1d-c70f-48c1-a4fe-879f0a326239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6178", "content": "#Threat_Research\n1. A New Exploit Method for CVE-2021-3560 PolicyKit Linux Privilege Escalation\nhttp://noahblog.360.cn/a-new-exploit-method-for-cve-2021-3560-policykit-linux-privilege-escalation-en\n2. De-Anonymization attacks against Proton services\nhttps://www.reversemode.com/2022/06/de-anonymization-attacks-against-proton.html", "creation_timestamp": "2022-06-11T12:43:01.000000Z"}, {"uuid": "c75294d0-e214-4f34-ac6d-9d3702c4f3c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4865", "content": "#Whitepaper\n\"Polkit Authentication Bypass / LPE\", 2021. \n\n// This whitepaper provides an overview of a Polkit authentication bypass vulnerability (CVE-2021-3560) that allows for LPE\n\n]-> PoC Exploit: https://t.me/cybersecuritytechnologies/3587", "creation_timestamp": "2022-11-18T05:48:52.000000Z"}, {"uuid": "912886e4-ca82-49ab-81f2-28098e68e18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3560", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5529", "content": "Traitor - Exploit Low-Hanging Fruit Automatically\n\n- Nearly all of GTFOBins\n- Writeable docker.sock\n- CVE-2022-0847 (Dirty pipe)\n- CVE-2021-4034 (pwnkit)\n- CVE-2021-3560\n\nGithub\n\n#Linux #Exploit #Tools \n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-09-26T09:46:31.000000Z"}]}