{"id":228853,"date":"2022-06-29T03:01:20","date_gmt":"2022-06-29T05:01:20","guid":{"rendered":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-lexploitation-active-de-la-vulnerabilite-linux-pwnkit-dans-la-nature\/"},"modified":"2022-06-29T03:01:21","modified_gmt":"2022-06-29T05:01:21","slug":"la-cisa-met-en-garde-contre-lexploitation-active-de-la-vulnerabilite-linux-pwnkit-dans-la-nature","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/la-cisa-met-en-garde-contre-lexploitation-active-de-la-vulnerabilite-linux-pwnkit-dans-la-nature\/","title":{"rendered":"CISA Warns of Active Exploitation of &#8220;PwnKit&#8221; Linux Vulnerability in the Wild"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both\"><\/div>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/uscert\/ncas\/current-activity\/2022\/06\/27\/cisa-adds-eight-known-exploited-vulnerabilities-catalog\" target=\"_blank\">add<\/a> a Linux vulnerability dubbed <strong>PwnKit<\/strong> to its <a rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" target=\"_blank\">Known Exploited Vulnerabilities Catalog<\/a>, citing evidence of active exploitation.<\/p>\n<p>The issue, tracked as <a rel=\"nofollow noopener\" href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-4034\" target=\"_blank\">CVE-2021-4034<\/a> (CVSS score: 7.8), was disclosed in January 2022 and concerns a case of local privilege escalation in polkit&#8217;s pkexec utility, which allows an authorized user to execute commands as another user.<\/p>\n<p>Polkit (formerly 
called PolicyKit) is a toolkit for controlling system-wide privileges in Unix-like operating systems and provides a mechanism for non-privileged processes to communicate with privileged processes.<\/p>\n<p>Successful exploitation of the flaw could cause pkexec to execute arbitrary code, granting an unprivileged attacker administrative rights on the target machine and compromising the host.<\/p>\n<p>It is not immediately clear how the vulnerability is being weaponized in the wild, and there is no information on the identity of the threat actor that may be exploiting it.<\/p>\n<p>Also included in the catalog is <a rel=\"nofollow noopener\" href=\"https:\/\/blog.confiant.com\/malvertising-threat-actor-yosec-exploits-browser-bugs-to-push-malware-cve-2021-1765-3040dd3c4af1\" target=\"_blank\">CVE-2021-30533<\/a>, a security flaw in Chromium-based web browsers that was exploited last year by a malvertising threat actor dubbed Yosec to deliver dangerous payloads.<\/p>\n<p>In addition, the agency added the recently disclosed Mitel VoIP zero-day (CVE-2022-29499) as well as five Apple iOS vulnerabilities 
(CVE-2018-4344, CVE-2019-8605, CVE-2020-9907, CVE-2020-3837 and CVE-2021-30983) that were recently found to have been abused by the Italian spyware vendor RCS Lab.<\/p>\n<p>To mitigate any potential risk of exposure to cyberattacks, organizations are advised to prioritize timely remediation of the issues. Federal Civilian Executive Branch agencies, however, are required to patch the flaw by July 18, 2022.<\/p>\n<p><\/p>\n<\/div>\n<p><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2022\/06\/cisa-warns-of-active-exploitation-of.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. 
The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), was disclosed in January 2022 and concerns a case of local privilege escalation in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":228854,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[9261,4805,4168,841,4158,4165,4161,429,525,4157,4159,4171,4170,14592,18088,4167,4955,4160,5853,4163,4162,83958,4172,4169,4166,3667,4164],"class_list":["post-228853","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-active","tag-cisa","tag-comment-pirater","tag-contre","tag-cyber-actualites","tag-cyber-attaques","tag-cyber-mises-a-jour","tag-dans","tag-garde","tag-lactualite-de-la-cybersecurite","tag-lactualite-de-la-cybersecurite-aujourdhui","tag-lactualite-des-hackers","tag-la-securite-des-informations","tag-lexploitation","tag-linux","tag-logiciel-malveillant-de-ransomware","tag-met","tag-mises-a-jour-de-la-cybersecurite","tag-nature","tag-nouvelles-de-piratage","tag-nouvelles-de-pirates","tag-pwnkit","tag-securite-informatique","tag-securite-internet","tag-violation-de-donnees","tag-vulnerabilite","tag-vulnerabilite-logicielle"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/228853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=228853"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/228853\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp
\/v2\/media\/228854"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=228853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=228853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=228853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}