AI description
CVE-2025-32462 affects Sudo versions before 1.9.17p1. When Sudo is used with a sudoers file that specifies a host that is neither the current host nor ALL, it allows listed users to execute commands on unintended machines. This vulnerability has existed since the implementation of the host option in Sudo v1.8.8, released in September 2013. The vulnerability can be exploited when Sudo rules are configured to restrict certain hostnames or hostname patterns. In such cases, privilege escalation to root may occur without requiring a specific exploit. To mitigate this vulnerability, it is recommended to install Sudo version 1.9.17p1 or later.
- Description: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
- Source: cve@mitre.org
- NVD status: Awaiting Analysis
CVSS 3.1
- Type: Secondary
- Base score: 2.8
- Impact score: 1.4
- Exploitability score: 1.1
- Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
- Severity: LOW
- cve@mitre.org: CWE-863
- Hype score: Not currently trending
[1day1line] CVE-2025-32462: Elevation of Privilege via the host Option in sudo https://t.co/hivGQBVGQx Today’s 1day1line follows up on the previous chroot issue. It's another vulnerability in sudo, this time involving the host option. While no separate exploit is required, th
@hackyboiz
16 Jul 2025
1287 Impressions
2 Retweets
19 Likes
7 Bookmarks
0 Replies
0 Quotes
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/2424MrGTM7
@linuxtoday
14 Jul 2025
3294 Impressions
7 Retweets
34 Likes
2 Bookmarks
1 Reply
0 Quotes
CVE-2025-32462 in Sudo affected setups with distributed sudoers files; running sudo on an unlisted host made it possible to run commands permitted on another host locally, escalating privileges to root without restriction.
@hashtagsec
11 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
sudo's latest "trick": when chroot and nsswitch conspire against you (cve-2025-32462) https://t.co/NBXVWcM9cv
@sredevopsorg
10 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462: sudo: LPE via host option https://t.co/Wyjn7Gc6eY
@_r_netsec
10 Jul 2025
32 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Critical Sudo bugs expose major Linux distros to local Root exploits Two critical Sudo vulnerabilities (CVE-2025-32462 and CVE-2025-32463) allow local users to escalate privileges to root on Linux systems. CVE-2025-32462 misuses the "--host" option, enabling users to run
@dCypherIO
7 Jul 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462 & CVE-2025-32463 are local privilege escalation flaws in Sudo. CVE-32463 (CVSS 9.3) allows any user to gain root using --chroot and a crafted /etc/nsswitch.conf. Default installs are affected. Patch to Sudo 1.9.17p1 now. #Sudo #CVE2025 #Linux https://t.co/I
@CloneSystemsInc
7 Jul 2025
59 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Two critical #Sudo flaws (CVE-2025-32462 & CVE-2025-32463) allow local users to gain root on Linux systems. 🛡️ Update to v1.9.17p1 ⚠️ Shared sudoers configs = vulnerable 🔎 Exploits via host & chroot options Patch fast. Stay sharp. #CyberSecurity #Linux h
@Samuel257196756
7 Jul 2025
69 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🔐New critical flaw in Sudo (CVE-2025-32462): a vulnerability more than 10 years old lets an ordinary local user obtain root access, even on well-configured systems. 👉https://t.co/XC0uM4dDFo
@Astuces_IT
4 Jul 2025
11 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
⚠️ Two critical flaws in sudo threaten the security of Linux machines. The vulnerabilities CVE-2025-32462 and CVE-2025-32463 allow local privilege escalation, exploiting the very way sudo works ➡️ https://t.co/DNggJLD99H #Linux https://
@ITConnect_fr
4 Jul 2025
658 Impressions
2 Retweets
9 Likes
3 Bookmarks
0 Replies
0 Quotes
📌 Cybersecurity research has revealed two vulnerabilities in the Sudo tool for Linux and Unix operating systems that allow local attackers to escalate their privileges to root on affected systems. The vulnerabilities include C
@Cybercachear
4 Jul 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462: sudo: LPE via host option https://t.co/Wyjn7Gc6eY
@_r_netsec
4 Jul 2025
782 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
🚨 12-Year-Old Sudo Linux Vulnerability Enables Privilege Escalation to Root User Read more: https://t.co/cyUISoHPuy ✅ 12-Year-Old Vulnerability, CVE-2025-32462 in Sudo's -h option has allowed root escalation since 2013. ✅ Affects Sudo versions 1.8.8-1.9.17 across Linux/
@The_Cyber_News
3 Jul 2025
779 Impressions
5 Retweets
14 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL: Two Sudo vulnerabilities (CVE-2025-32462 & CVE-2025-32463) allow ANY local user to gain root access on Linux systems. Millions of servers at risk. One flaw hid undetected for 12 YEARS. Patch to 1.9.17p1 NOW. https://t.co/GFh7BduBUm #InfoSec #Linux #CyberSecuri
@cyberkendra
3 Jul 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462: Sudo host option elevation of privilege vulnerability https://t.co/Dy0hZWCDTX https://t.co/Kx9ro2wfO2
@freedomhack101
2 Jul 2025
80 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️Google releases a security update for the Chrome zero-day vulnerability CVE-2025-6554 🔨Local privilege escalation vulnerabilities in the Linux command "sudo" are fixed (CVE-2025-32462, CVE-2025-32463) ~ Cyber Alert
@MachinaRecord
2 Jul 2025
113 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Unpopular opinion: CVE-2025-32462 (#sudo recent LEoP) is not critical. Risk: High (based on CVSS 4.0 scoring) Attacker Value: Medium Exploitability: Low https://t.co/CeadbAgOiz https://t.co/841gpnjYnP
@noraj_rawsec
1 Jul 2025
14 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 CVE-2025-32462: Sudo --host option lets attackers escalate to root on SUSE Linux (CVSS 7.3). Patch guide for openSUSE/SLE: ▶️ Affected versions ▶️ zypper patch commands ▶️ Verification Read more: 👉 https://t.co/qM5pWm0jWM #InfoSec #SysAdmin https://t.co/13TU
@Cezar_H_Linux
1 Jul 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Breaking: CVE-2025-32462 in Sudo (CVSS 7.3) lets attackers escalate privileges via --host. Patch IMMEDIATELY if using: @openSUSE Leap 15.4 @SUSELinuxEnterprise 15 SP4 SUSE Manager 4.3 Read more: 👉https://t.co/1YHkzDAOQr https://t.co/oPPIhOae
@Cezar_H_Linux
1 Jul 2025
52 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
🔐 Critical sudo vulnerability (CVE-2025-32462) patched!* CVSS 7.3 – allows local attackers to gain root. Patch SUSE 12 SP5 NOW: Read more: 👉 https://t.co/DJa8eQOBz8 #InfoSec #DevOps https://t.co/tYkPsgoApA
@Cezar_H_Linux
1 Jul 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/yOg3nsZOap #HelpNetSecurity #Cybersecurity https://t.co/6AxLVFl5OZ
@PoseidonTPA
1 Jul 2025
84 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/rgS4Kk6HWz
@TheCyberSecHub
1 Jul 2025
2027 Impressions
6 Retweets
12 Likes
3 Bookmarks
0 Replies
1 Quote
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/BAnFds6cr8 https://t.co/NjgKeTHT4n
@evanderburg
1 Jul 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462 – Sudo host Option Elevation of Privilege Vulnerability https://t.co/eOSVXbcu9v
@CyrilJovet
1 Jul 2025
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462 Local Privilege Escalation via host option | Sudo https://t.co/2ZBFwsmVxc CVE-2025-32463 Local Privilege Escalation via chroot option | Sudo https://t.co/ktqrvfZEXM
@autumn_good_35
1 Jul 2025
585 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Two Sudo flaws (CVE-2025-32463 & CVE-2025-32462) allow local users full root via PoC. Critical privilege escalation vulnerabilities revealed by Stratascale CRU. #CyberSecurity #LinuxExploit #SudoVulnerability #PrivilegeEscalation #CVE2025 #PoC #RootAccess https://t.co/zbdErb
@the_yellow_fall
1 Jul 2025
1642 Impressions
14 Retweets
23 Likes
11 Bookmarks
0 Replies
1 Quote
CVE-2025-32462 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on uninten… https://t.co/lNRZSgLl81
@CVEnew
30 Jun 2025
661 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462 CVE-2025-32462 https://t.co/Xlz0yscI65
@VulmonFeeds
30 Jun 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-32462: sudo local privilege escalation via host option https://t.co/lWKMNbCHbc use sudoers rules for any host CVE-2025-32463: sudo local privilege escalation via chroot option https://t.co/r7suerSOWG leverage sudo's -R (--chroot) option to run arbitrary commands as root
@oss_security
30 Jun 2025
28 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ Sudo flaw, it needs to be patched quickly. CVE-2025-32462: a flaw in sudo allows local privilege escalation via the host option (V) TL;DR: A flaw of the "Trust me bro, we're on another machine, run the command" type. (L) 👉 https://t.co/ey2EfBQ4JJ https
@bearstech
30 Jun 2025
12661 Impressions
69 Retweets
167 Likes
69 Bookmarks
9 Replies
3 Quotes
I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability https://t.co/IrN1Yj8nGD CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability
@0xm1rch
30 Jun 2025
12514 Impressions
40 Retweets
135 Likes
65 Bookmarks
5 Replies
3 Quotes