A big safety vulnerability found within the extensively used Sudo utility has remained hidden for over 12 years, probably exposing tens of millions of Linux and Unix methods to privilege escalation assaults.
The vulnerability recognized as CVE-2025-32462 permits unauthorized customers to realize root entry on affected methods by exploiting the Sudo host choice performance.
Key Takeaways1. 12-Yr-Previous Vulnerability, CVE-2025-32462 in Sudo’s -h choice has allowed root escalation since 2013.2. Impacts Sudo variations 1.8.8-1.9.17 throughout Linux/Unix methods together with Ubuntu and macOS.3. Makes use of built-in performance to bypass Host/Host_Alias safety restrictions.4. Patch to Sudo 1.9.17p1+ instantly – no workaround out there.
The Stratascale Cyber Analysis Unit (CRU) group found this crucial flaw, which has been current because the implementation of the -h (–host) choice in Sudo model 1.8.8, launched in September 2013.
Sudo Privilege Escalation Vulnerability
The CVE-2025-32462 vulnerability exploits a elementary flaw in how Sudo processes the -h or –host choice when used with instructions aside from the checklist operation (-l).
Whereas the documentation explicitly states that the host choice ought to solely work “along with the -l (–checklist) choice,” the vulnerability permits malicious actors to execute privileged instructions by specifying distant host guidelines that bypass native safety restrictions.
The vulnerability particularly targets environments utilizing Host or Host_Alias directives of their /and so forth/sudoers configuration information.
When a person executes instructions like sudo -h dev.take a look at.native -i or sudoedit -h ci.take a look at.native /and so forth/passwd, the system incorrectly treats distant host guidelines as legitimate for the native machine, successfully circumventing meant entry controls and granting unauthorized root privileges.
Affected variations embrace Steady 1.9.0 via 1.9.17 and Legacy 1.8.8 via 1.8.32. The vulnerability has been verified on Ubuntu 24.04.1 with Sudo variations 1.9.15p5 and 1.9.16p2, in addition to macOS Sequoia 15.3.2 with Sudo 1.9.13p2.
Notably, this privilege escalation requires no exploit code, because it leverages built-in Sudo performance.
A latest Elevation of Privilege vulnerability in Sudo’s chroot function permits any native unprivileged person to realize root entry, posing a severe safety threat. Customers and directors ought to concentrate on and take obligatory actions.
Mitigations
System directors should instantly replace to Sudo model 1.9.17p1 or later to deal with this vulnerability.
No workaround exists for this situation, making immediate patching important for sustaining system safety. Safety groups ought to conduct complete audits of their Sudo configurations by trying to find any utilization of Host or Host_Alias choices in /and so forth/sudoers and information underneath /and so forth/sudoers.d.
For environments storing Sudo guidelines in LDAP, directors ought to use instruments like ldapsearch to dump and assessment all guidelines.
The invention highlights the significance of standard safety audits of crucial system utilities and demonstrates how long-standing vulnerabilities can stay undetected in widely-deployed software program elements.
Examine reside malware conduct, hint each step of an assault, and make sooner, smarter safety choices -> Strive ANY.RUN now
