This article describes one way to detect the PwnKit ( CVE-2021–4034), a privilege escalation vulnerability on polkit’s pkexec utility. As with the previous post, we are using Falco for detection and Sysdig for analysis. Resources Qualys report PoC by berdav PoC by ly4k Premise Based on the Qualys report, this exploit depends…