Exploit Intelligence

VulnCheck Exploit Intelligence helps organizations track all of the world's exploit proof-of-concept code, exploited in-the-wild information, and exploit metadata including timelines, to focus remediation resources on the right vulnerabilities.

GET /v2/exploits/cve/CVE-2021-4034
    {
  "request": {
    "index": "exploits",
    "id_type": "cve",
    "id": "CVE-2021-4034",
    "time": 1668730962
  },
  "exploit_found": true,
  "max_exploit_maturity": "weaponized",
  "reported_exploited_in_the_wild": true,
  "reported_exploited_by_named_threat_actors": true,
  "reported_exploited_by_ransomware": false,
  "reported_exploited_by_botnets": true,
  "timeline": {
    "nvd_published": "2022-01-28",
    "first_exploit_published": "2022-01-25",
    "first_exploit_poc_or_higher": "2022-01-25",
    "first_exploit_weaponized_or_higher": "2022-01-26",
    "most_recent_exploit_published": "2022-10-13",
    "first_reported_threat_actor": "2022-06-15",
    "most_recent_reported_threat_actor": "2022-06-15",
    "first_reported_botnet": "2022-06-07",
    "most_recent_reported_botnet": "2022-06-07",
    "cisa_kev_date_added": "2022-06-27",
    "cisa_kev_date_due": "2022-07-18"
  },
  "trending": {
    "github": false
  },
  "epss": {
    "epss_score": 0.04106,
    "epss_percentile": 0.85584
  },
  "counts": {
    "exploits": 51,
    "threat_actors": 1,
    "botnets": 1
  },
  "exploits": [
    {
      "url": "https://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
      "name": "Polkit pkexec Local Privilege Escalation",
      "refsource": "packetstorm",
      "date_added": "2022-03-03",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://github.com/fdellwing/CVE-2021-4034",
      "name": "fdellwing/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/chenaotian/CVE-2021-4034",
      "name": "chenaotian/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/navisec/CVE-2021-4034-PwnKit",
      "name": "navisec/CVE-2021-4034-PwnKit exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-30",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/v-rzh/CVE-2021-4034",
      "name": "v-rzh/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-29",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/Pixailz/CVE-2021-4034",
      "name": "Pixailz/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-10-10",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/zhzyker/CVE-2021-4034",
      "name": "zhzyker/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://gitlab.com/RekGRpth/CVE-2021-4034",
      "name": "RekGRpth/CVE-2021-4034 exploit repository",
      "refsource": "gitlab-exploits",
      "date_added": "2022-03-03",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt",
      "name": "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
      "refsource": "nvd",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://github.com/rapid7/metasploit-framework",
      "name": "Local Privilege Escalation in polkits pkexec",
      "refsource": "metasploit",
      "date_added": "2022-01-26",
      "exploit_maturity": "weaponized",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/linux_pkexec_argc",
      "name": "linux_pkexec_argc",
      "refsource": "canvas",
      "date_added": "2022-05-01",
      "exploit_maturity": "weaponized",
      "exploit_availability": "commercially-available"
    },
    {
      "url": "https://github.com/ck00004/CVE-2021-4034",
      "name": "ck00004/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-02-15",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/robemmerson/CVE-2021-4034",
      "name": "robemmerson/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/joeammond/CVE-2021-4034",
      "name": "joeammond/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://github.com/ayypril/CVE-2021-4034",
      "name": "ayypril/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/clubby789/CVE-2021-4034",
      "name": "clubby789/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/HrishitJoshi/CVE-2021-4034",
      "name": "HrishitJoshi/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-02-02",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://packetstormsecurity.com/files/165729/Polkit-pkexec-CVE-2021-4034-Local-Root.html",
      "name": "Polkit pkexec CVE-2021-4034 Local Root",
      "refsource": "packetstorm",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://packetstormsecurity.com/files/165727/Polkit-pkexec-CVE-2021-4034-Local-Root.html",
      "name": "Polkit pkexec CVE-2021-4034 Local Root",
      "refsource": "packetstorm",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://github.com/dadvlingd/-CVE-2021-4034",
      "name": "dadvlingd/-CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/dzonerzy/poc-cve-2021-4034",
      "name": "dzonerzy/poc-cve-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/arthepsy/CVE-2021-4034",
      "name": "arthepsy/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/ly4k/PwnKit",
      "name": "ly4k/PwnKit exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/Ankit-Ojha16/CVE-2021-4034",
      "name": "Ankit-Ojha16/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-02-02",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/mtthwstffrd/berdav-CVE-2021-4034",
      "name": "mtthwstffrd/berdav-CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-03-23",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://packetstormsecurity.com/files/165739/PolicyKit-1-0.105-31-Privilege-Escalation.html",
      "name": "PolicyKit-1 0.105-31 Privilege Escalation",
      "refsource": "packetstorm",
      "date_added": "2022-01-27",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
      "name": "Red Hat Polkit Out-of-Bounds Read and Write Vulnerability",
      "refsource": "cisa-known-exploited-vulnerabilities",
      "date_added": "2022-06-27",
      "exploit_maturity": "weaponized",
      "exploit_availability": "privately-available"
    },
    {
      "url": "https://blog.talosintelligence.com/2022/10/alchimist-offensive-framework.html",
      "name": "Alchimist: A new attack framework in Chinese for Mac, Linux and Windows",
      "refsource": "blogs",
      "date_added": "2022-10-13",
      "exploit_maturity": "weaponized",
      "exploit_availability": "privately-available"
    },
    {
      "url": "https://github.com/An00bRektn/CVE-2021-4034",
      "name": "An00bRektn/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/EstamelGG/CVE-2021-4034-NoGCC",
      "name": "EstamelGG/CVE-2021-4034-NoGCC exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/Al1ex/CVE-2021-4034",
      "name": "Al1ex/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-27",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/phvilasboas/CVE-2021-4034",
      "name": "phvilasboas/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/Ayrx/CVE-2021-4034",
      "name": "Ayrx/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/berdav/CVE-2021-4034",
      "name": "berdav/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-25",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://gitlab.com/Tramadol/cve-2021-4034",
      "name": "Tramadol/cve-2021-4034 exploit repository",
      "refsource": "gitlab-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/x04000/CVE-2021-4034",
      "name": "x04000/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-02-13",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://packetstormsecurity.com/files/165728/Polkit-pkexec-CVE-2021-4034-Proof-Of-Concept.html",
      "name": "Polkit pkexec CVE-2021-4034 Proof Of Concept",
      "refsource": "packetstorm",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://my.saintcorporation.com/cgi-bin/exploit_info/polkit_pkexec_priv_elev",
      "name": "Polkit pkexec privilege elevation",
      "refsource": "saint",
      "date_added": "2022-01-27",
      "exploit_maturity": "weaponized",
      "exploit_availability": "commercially-available"
    },
    {
      "url": "https://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html",
      "name": "Polkit pkexec Privilege Escalation",
      "refsource": "packetstorm",
      "date_added": "2022-03-04",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html",
      "name": "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.",
      "refsource": "nvd",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available"
    },
    {
      "url": "https://github.com/Rvn0xsy/CVE-2021-4034",
      "name": "Rvn0xsy/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/CYB3RK1D/CVE-2021-4034-POC",
      "name": "CYB3RK1D/CVE-2021-4034-POC exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/OxWeb4/CVE-2021-4034-",
      "name": "OxWeb4/CVE-2021-4034- exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-29",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/nikaiw/CVE-2021-4034",
      "name": "nikaiw/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/n3onhacks/CVE-2021-4034",
      "name": "n3onhacks/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-28",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/luijait/PwnKit-Exploit",
      "name": "luijait/PwnKit-Exploit exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/san3ncrypt3d/CVE-2021-4034-POC",
      "name": "san3ncrypt3d/CVE-2021-4034-POC exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/ryaagard/CVE-2021-4034",
      "name": "ryaagard/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-25",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/artemis-mike/cve-2021-4034",
      "name": "artemis-mike/cve-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-26",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/Hifumi1337/CVE-2021-4034",
      "name": "Hifumi1337/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-03-16",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    },
    {
      "url": "https://github.com/PwnFunction/CVE-2021-4034",
      "name": "PwnFunction/CVE-2021-4034 exploit repository",
      "refsource": "github-exploits",
      "date_added": "2022-01-27",
      "exploit_maturity": "poc",
      "exploit_availability": "publicly-available",
      "exploit_type": "local"
    }
  ],
  "threat_actors": [
    {
      "threat_actor_name": "DriftingCloud",
      "cve_references": [
        {
          "url": "https://www.volexity.com/blog/2022/06/15/driftingcloud-zero-day-sophos-firewall-exploitation-and-an-insidious-breach/",
          "date_added": "2022-06-15",
          "cve": [
            "CVE-2021-4034",
            "CVE-2022-1040"
          ]
        }
      ]
    }
  ],
  "botnets": [
    {
      "botnet_name": "Hezb",
      "malpedia_url": "https://malpedia.caad.fkie.fraunhofer.de/actor/hezb",
      "cve_references": [
        {
          "url": "https://www.lacework.com/blog/kinsing-dark-iot-botnet-among-threats-targeting-cve-2022-26134/",
          "date_added": "2022-06-07",
          "cve": [
            "CVE-2021-4034",
            "CVE-2022-26134",
            "CVE-2022-29464"
          ]
        }
      ]
    }
  ]
}
Why VulnCheck Exploit Intelligence
The largest collection of exploit PoCs and exploited in-the-wild threat intelligence, anywhere on the public Internet.
Ready to get started?
Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence directly into the tools, processes, programs, and systems that need it to outpace adversaries.