CVE-2021-3560
Red Hat Polkit Incorrect Authorization Vulnerability
CVSS
—
No CVSS
EPSS
22.2%
p97
KEV
YES
May 12, 2023
Exploit Today
79
0-100
Published: — · Last modified: —
22.2%EPSS · 30 days22.2%
2026-06-302026-07-16
Product
Red Hat / Polkit
Vulnerability
Red Hat Polkit Incorrect Authorization Vulnerability
Added to KEV
May 12, 2023
Remediate by
Jun 2, 2023
Known ransomware use
No
Summary description
Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.
Required action
Apply updates per vendor instructions.
Notes
https://bugzilla.redhat.com/show_bug.cgi?id=1961710; https://nvd.nist.gov/vuln/detail/CVE-2021-3560
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2021-4034—99.9%
KEV—80Red Hat Polkit Out-of-Bounds Read and Write Vulnerability—