Hold tight, this may blow your mind… A low-privileged user account on most Linux operating systems with UID value anything greater than 2147483647 can execute any systemctl command unauthorizedly—thanks to a newly discovered vulnerability. The reported vulnerability actually resides in PolicyKit (also known as polkit)—an application-level toolkit for Unix-like operating systems that defines policies, handles system-wide privileges and provides a way for non-privileged processes to communicate with privileged ones, such as "sudo," that does not grant root permission to an entire process. The vulnerability exists due to PolicyKit's improper validation of permission requests for any low-privileged user with UID greater than INT_MAX. So it means, if you create a user account on affected Linux systems with any UID greater than INT_MAX value, the PolicyKit component will allow you to execute any systemctl command successfully. Security researcher Rich Mirch, Twitter handle "0xm1rch," has also released a proof-of-concept (PoC) exploit to successfully demonstrate the vulnerability that requires a user with the UID 4000000000.