On January 25, 2022, Qualys announced a critical local privilege escalation vulnerability in PolicyKit's pkexec, known as PwnKit, which affects multiple major Linux distributions such as Ubuntu, Debian, Fedora, and CentOS. The vulnerability, with a CVSS score of 7.8, lets an attacker gain root access by passing the PolicyKit executable specially crafted environment variables that trigger the loading of an arbitrary library file. The flaw is widespread, and major Linux distributions have issued patches to mitigate the risk. Datadog's Cloud Workload Security offers real-time monitoring and detection for this vulnerability, which underscores the importance of a defense-in-depth security strategy. The vulnerability also highlights the need for organizations to keep systems updated and to consider minimal Linux distributions for containerized workloads to reduce attack surface.
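The attack-surface point above can be checked directly. The following is an added example, not code from the original post, Datadog, or Qualys: a POSIX shell audit that reports whether a root filesystem (the host, or an unpacked container image) ships pkexec with the setuid bit, and how many setuid files it carries in total. The function names and the list of candidate pkexec paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a root filesystem for pkexec and other setuid files.
# Pass "/" for the running host or a directory holding an unpacked image.

# list_setuid ROOT: print every regular file under ROOT that has the
# setuid bit set, one path per line, staying on ROOT's filesystem.
list_setuid() {
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# pkexec_status ROOT: print one of
#   absent     no pkexec in the candidate locations (assumed list below)
#   setuid     pkexec present with the setuid bit, so it runs with its
#              owner's privileges
#   no-setuid  pkexec present without the setuid bit, so it cannot elevate
pkexec_status() {
    root=${1%/}
    for p in usr/bin/pkexec bin/pkexec usr/local/bin/pkexec; do
        f="$root/$p"
        [ -f "$f" ] || continue
        if [ -u "$f" ]; then echo setuid; else echo no-setuid; fi
        return 0
    done
    echo absent
}

# audit ROOT: print a one-line summary. Exit status is non-zero when a
# setuid pkexec is present, so the function can gate an image build.
audit() {
    root=${1:-/}
    st=$(pkexec_status "$root")
    count=$(list_setuid "$root" | wc -l | tr -d ' ')
    echo "pkexec: $st; setuid files under $root: $count"
    [ "$st" != setuid ]
}
```

Run `audit /` on a host, or `audit ./rootfs` on an extracted image. A setuid pkexec still needs the package version checked against the distribution's fixed release, since the bit is present on patched systems too.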