Sudo Command Execution Flaw in Sudo Before Version 1.9.17p1
CVE-2025-32462

2.8 LOW

Key Information:

CVE Published: 30 June 2025

Badges

📈 Trended | 📈 Score: 3,060 | 👾 Exploit Exists | 🟡 Public PoC | 📰 News Worthy

What is CVE-2025-32462?

CVE-2025-32462 is a vulnerability in the Sudo utility, an integral part of Unix-like operating systems that allows permitted users to execute commands with the privileges of another user, typically the superuser. It affects versions of Sudo before 1.9.17p1 and occurs when the sudoers file specifies a host that is neither the current host nor ALL. In that case the flaw permits the listed users to execute commands on unintended machines, which can lead to unauthorized command execution on other systems within a network. This may compromise the integrity and confidentiality of those systems, allowing malicious actors to manipulate or access sensitive data without appropriate authorization.

Potential impact of CVE-2025-32462

  1. Unauthorized Command Execution: The primary impact of CVE-2025-32462 is the potential for users to execute commands on systems outside of their intended scope. This could lead to unauthorized access to sensitive information or modification of system configurations, which could facilitate further attacks within the network.

  2. Operational Disruption: By exploiting this vulnerability, attackers could disrupt normal operations across multiple machines, leading to potential downtime and loss of business continuity. This could cause significant financial implications for organizations relying on the stability of their systems.

  3. Increased Attack Surface: The presence of this vulnerability expands the attack surface for malicious actors. If left unaddressed, it could enable lateral movement within an organization’s network, allowing attackers to compromise additional systems and escalate their privileges, potentially leading to a larger-scale breach.

Affected Version(s)

Sudo 1.8.8 < 1.9.17p1
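
The two conditions above (a Sudo release in the affected range, and a sudoers rule whose host is neither the current host nor ALL) can be checked together. The following is an added audit sketch, not code from the Sudo project or from this page; the function names, the sample policy and its host names are constructed, and the parser assumes single-host-list `user host = command` rules and simple `Host_Alias` definitions.

```python
import re

FIRST_AFFECTED = (1, 8, 8, 0)  # 1.8.8, lower bound of the range on this page
FIXED = (1, 9, 17, 1)          # 1.9.17p1, fixed release named on this page

def parse_version(text):
    """'Sudo version 1.9.15p5' -> (1, 9, 15, 5); a missing pN counts as p0."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def version_affected(text):
    return FIRST_AFFECTED <= parse_version(text) < FIXED

def _entries(sudoers_text):
    """Yield (left-hand tokens, right-hand text) for each 'lhs = rhs' line."""
    for line in re.sub(r"\\\n", " ", sudoers_text).splitlines():
        line = line.strip()
        if line.startswith(("#", "@", "Defaults")) or "=" not in line:
            continue
        left, right = line.split("=", 1)
        yield re.sub(r"\s*,\s*", ",", left.strip()).split(), right

def remote_only_rules(sudoers_text, local_names):
    """Return [(users, hosts)] for rules naming neither ALL nor this machine."""
    entries = list(_entries(sudoers_text))
    aliases = {t[1]: [h.strip() for h in rhs.split(",")]
               for t, rhs in entries if len(t) == 2 and t[0] == "Host_Alias"}
    local = {n.lower() for n in local_names} | {"all"}

    def expand(name):
        if name in aliases:
            return set().union(*(expand(h) for h in aliases[name]))
        return {name.lower()}

    return [(t[0], t[1]) for t, _ in entries
            if len(t) == 2 and not t[0].endswith("_Alias")
            and not set().union(*map(expand, t[1].split(","))) & local]

# Constructed sample policy, not taken from any real system.
SAMPLE = """\
Host_Alias WEB = web1, web2
root    ALL = (ALL) ALL
alice   WEB = /usr/bin/systemctl restart nginx
bob     db1 = (postgres) /usr/bin/pg_dump
carol   app1, web1 = /usr/bin/journalctl
"""
```

Pass `version_affected` the output of `sudo -V` and `remote_only_rules` the sudoers text plus the machine's short and fully qualified host names; a host that is in the affected range and also returns rules is one to prioritise for the 1.9.17p1 upgrade.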

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.

News Articles

Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed

2 weeks ago

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Two critical vulnerabilities in Sudo command-line tool allow privilege escalation for local attackers on Linux systems

2 weeks ago

12-Year-Old Sudo Vulnerability Exposes Linux Systems to Privilege Escalation

The flaw, present in Sudo’s codebase for over 12 years, was discovered by Rich Mirch of the Stratascale Cyber Research Unit and affects both stable (v1.9.0–1.9.17) and legacy (v1.8.8–1.8.32) versions of Sudo.

2 weeks ago

CVSS V3.1

Score: 2.8
Severity: LOW
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed

Timeline

  • 📈 Vulnerability started trending
  • 🟡 Public PoC available
  • 👾 Exploit known to exist
  • 📰 First article discovered by Help Net Security
  • Vulnerability published
  • Vulnerability Reserved
