Mitigation for CVE-2021-4034 in polkit (MINDBREEZE21528)

ID: MINDBREEZE21528 
Affected Components: Mindbreeze InSpire G7, Mindbreeze InSpire SaaS 
Severity: 7.8 High 
Status: Final 
First published: March 16, 2022 
CVEs: CVE-2021-4034 

Summary 

A local privilege escalation vulnerability was found on polkit's pkexec utility. 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS:

• Mindbreeze InSpire 21.3 Release Hotfix 4 (Version 21.3.5.1708) 

• Mindbreeze InSpire SaaS 21.3 Release Hotfix 4 (Version 21.3.5.1708)