NOMISEC-hakivvi/CVE-2021-3560

NOMISEC WORKING POC

Exploit for CVE-2021-3560 - polkit - Privilege Escalation

AI Analysis

The repository contains a C-based exploit for CVE-2021-3560, a polkit authentication bypass vulnerability. The exploit leverages a race condition where a process exits immediately after sending a DBus message, causing polkit to incorrectly assume the caller is root (UID 0).

Attack Type

LPE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type local

Files 3

https://github.com/hakivvi/CVE-2021-3560

Stars 38

Forks 12

Last Push Jun 23, 2021

Authors

hakivvi

Vulnerability

CVE-2021-3560

polkit - Privilege Escalation

HIGH KEV

CVSS 7.8