Sudo Command Execution Flaw in Sudo Before Version 1.9.17p1
CVE-2025-32462
2.8 LOW
What is CVE-2025-32462?
In Sudo before version 1.9.17p1, users listed in a sudoers file can execute commands on unintended machines. This occurs when a sudoers entry specifies a host that is neither the local machine nor ALL (all hosts), which exposes systems to potential unauthorized command execution. The issue underscores the importance of configuring sudoers files correctly to prevent unintended access and maintain system integrity.
Affected Version(s)
Sudo 1.8.8 < 1.9.17p1
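An audit sketch for the condition described above, added here as an example and not taken from the Sudo project or this advisory: it checks a version string against the affected range listed on this page and lists sudoers rules whose host is neither ALL nor the local machine. The function names, the sample rules and the hostname `devbox` are assumptions, and the parser is simplified (first host list of each rule only, include files not followed).

```python
import re

AFFECTED_FROM = (1, 8, 8, 0)   # "Sudo 1.8.8", lower bound given on the page
FIXED_IN = (1, 9, 17, 1)       # "1.9.17p1", first fixed release per the page

def parse_sudo_version(text):
    """Turn '1.9.17p1' (or a 'Sudo version ...' banner) into a comparable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version found in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(version_text):
    return AFFECTED_FROM <= parse_sudo_version(version_text) < FIXED_IN

def host_restricted_rules(sudoers_text, local_names):
    """List (users, hosts) for rules naming a host other than ALL or this machine."""
    local = {n.lower() for n in local_names}
    aliases, findings = {}, []
    joined = re.sub(r"\\\n", " ", sudoers_text)       # join continuation lines
    for line in (l.strip() for l in joined.splitlines()):
        if "=" not in line or re.match(
                r"#(?!\d)|@include|Defaults|(User|Runas|Cmnd|Cmd)_Alias", line):
            continue                                  # comment, include, Defaults, other alias
        left, right = (s.strip() for s in line.split("=", 1))
        left = re.sub(r"\s*,\s*", ",", left).split()  # "bob, carol X" -> ["bob,carol", "X"]
        if len(left) != 2:
            continue
        if left[0] == "Host_Alias":                   # remember alias members
            aliases[left[1]] = [h.strip() for h in right.split(",")]
            continue
        names = [h.lstrip("!") for h in left[1].split(",")]
        hosts = [m for n in names for m in aliases.get(n, [n])]
        remote = [h for h in hosts if h != "ALL" and h.lower() not in local]
        if remote:
            findings.append((left[0], remote))
    return findings

# Constructed sample sudoers content; "devbox" is the assumed local hostname.
SAMPLE = r"""
Host_Alias BUILD = build01, build02
root ALL=(ALL:ALL) ALL
alice devbox = /usr/bin/systemctl restart nginx
bob, carol BUILD = (root) /usr/bin/make
dave prod-db01 = \
    /usr/bin/pg_ctl restart
"""

if __name__ == "__main__":
    print({v: is_affected(v) for v in ("1.8.7", "1.9.16p2", "1.9.17p1")})
    print(host_restricted_rules(SAMPLE, ["devbox"]))
```

On a host whose sudo version is in the affected range, the rules this returns are the ones to review first; upgrading to 1.9.17p1 or later is the fix the advisory's version range points to.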