diff --git a/tasks/section_4/cis_4.1.3.x.yml b/tasks/section_4/cis_4.1.3.x.yml
index 922ea61..ec925bb 100644
--- a/tasks/section_4/cis_4.1.3.x.yml
+++ b/tasks/section_4/cis_4.1.3.x.yml
@@ -69,7 +69,7 @@
 - name: "4.1.3.6 | PATCH | Ensure use of privileged commands is collected"
   block:
       - name: "4.1.3.6 | PATCH | Ensure use of privileged commands is collected"
-        ansible.builtin.shell: for i in  $(df | grep '^/dev' | awk '{ print $NF }'); do find $i -xdev -type f -perm -4000 -o -type f -perm -2000 2>/dev/null; done
+        ansible.builtin.shell: for i in  $(df | grep '^/dev' | awk '{ print $NF }'); do find $i -xdev -type f -perm /6000 2>/dev/null; done
         changed_when: false
         failed_when: false
         check_mode: false