CVE-2025-32462

Published Jun 30, 2025

Last updated 4 months ago

CVSS low 2.8
sudo

Overview

Description
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Source
cve@mitre.org
NVD status
Modified
Products
sudo

Risk scores

CVSS 3.1

Type
Primary
Base score
8.8
Impact score
6
Exploitability score
2
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

cve@mitre.org
CWE-863

Social media

Hype score
Not currently trending

  1. A 12-year-old sudo flaw (CVE-2025-32462) allows bypassing host-based restrictions via the sudo -h option, enabling root access across multiple hosts. Fixed in version 1.9.17p1+. #SudoBug #PrivilegeEscalation #USA https://t.co/of1XfdNxnQ

    @TweetThreatNews

    13 Oct 2025

    57 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Alert: Critical vulnerabilities in sudo (CVE-2025-32462 & CVE-2025-32463) allow local attackers to escalate privileges to root on Linux/macOS systems. CVE-2025-32463 is actively exploited! Update to sudo 1.9.17p1 immediately. #CyberSecurity #Linux @linuxtoday @linuxopsy

    @The_Hunt_x

    11 Oct 2025

    86 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-32462 #RedHat #CVEDatabase #Cybersecurity #ITSupport #EnterpriseSoftware https://t.co/myFRfdM5Qo

    @reverseame

    26 Aug 2025

    638 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CRITICAL sudo flaws in #Mageia 9: CVE-2025-32463: Local → root escalation CVE-2025-32462: Unauthorized command execution ✅ Patch: sudo-1.9.17p1 ✅ Verify: sudo --version Read more: 👉https://t.co/SZmcNj2Pbr https://t.co/qPyhHjTAe1

    @Cezar_H_Linux

    26 Jul 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. [1day1line] CVE-2025-32462: Elevation of Privilege via the host Option in sudo https://t.co/hivGQBVGQx Today’s 1day1line follows up on the previous chroot issue. It's another vulnerability in sudo, this time involving the host option. While no separate exploit is required, th

    @hackyboiz

    16 Jul 2025

    1287 Impressions

    2 Retweets

    19 Likes

    7 Bookmarks

    0 Replies

    0 Quotes

  6. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/2424MrGTM7

    @linuxtoday

    14 Jul 2025

    3294 Impressions

    7 Retweets

    34 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  7. CVE-2025-32462 no Sudo afetava setups com arquivos sudoers distribuídos; executar sudo em host não listado permitia executar comandos permitidos em outro host local, escalando privilégios a root sem restrição.

    @hashtagsec

    11 Jul 2025

    32 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. sudo's latest "trick": when chroot and nsswitch conspire against you (cve-2025-32462) https://t.co/NBXVWcM9cv

    @sredevopsorg

    10 Jul 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-32462: sudo: LPE via host option https://t.co/Wyjn7Gc6eY

    @_r_netsec

    10 Jul 2025

    32 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Critical Sudo bugs expose major Linux distros to local Root exploits Two critical Sudo vulnerabilities (CVE-2025-32462 and CVE-2025-32463) allow local users to escalate privileges to root on Linux systems. CVE-2025-32462 misuses the "--host" option, enabling users to run

    @dCypherIO

    7 Jul 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. CVE-2025-32462 & CVE-2025-32463 are local privilege escalation flaws in Sudo. CVE-32463 (CVSS 9.3) allows any user to gain root using --chroot and a crafted /etc/nsswitch.conf. Default installs are affected. Patch to Sudo 1.9.17p1 now. #Sudo #CVE2025 #Linux https://t.co/I

    @CloneSystemsInc

    7 Jul 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  12. 🚨 Two critical #Sudo flaws (CVE-2025-32462 & CVE-2025-32463) allow local users to gain root on Linux systems. 🛡️ Update to v1.9.17p1 ⚠️ Shared sudoers configs = vulnerable 🔎 Exploits via host & chroot options Patch fast. Stay sharp. #CyberSecurity #Linux h

    @Samuel257196756

    7 Jul 2025

    69 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. 🔐Nouvelle faille critique dans Sudo (CVE-2025-32462) : une vulnérabilité vieille de plus de 10 ans permet à un simple utilisateur local d’obtenir un accès root, même sur des systèmes bien configurés. 👉https://t.co/XC0uM4dDFo

    @Astuces_IT

    4 Jul 2025

    11 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  14. ⚠️ Deux failles critiques dans sudo menacent la sécurité des machines Linux Les vulnérabilités CVE-2025-32462 et CVE-2025-32463 permettent une élévation de privilèges en local, exploitant le fonctionnement même de sudo ➡️ https://t.co/DNggJLD99H #Linux https://

    @ITConnect_fr

    4 Jul 2025

    658 Impressions

    2 Retweets

    9 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  15. 📌 كشفت أبحاث الأمن السيبراني عن ثغرتين في أداة Sudo لنظم تشغيل Linux و Unix، تتيحان للمهاجمين المحليين زيادة صلاحياتهم إلى الجذر في أنظمة متأثرة. تشمل الثغرات C

    @Cybercachear

    4 Jul 2025

    35 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CVE-2025-32462: sudo: LPE via host option https://t.co/Wyjn7Gc6eY

    @_r_netsec

    4 Jul 2025

    782 Impressions

    0 Retweets

    3 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  17. 🚨 12-Year-Old Sudo Linux Vulnerability Enables Privilege Escalation to Root User Read more: https://t.co/cyUISoHPuy ✅ 12-Year-Old Vulnerability, CVE-2025-32462 in Sudo's -h option has allowed root escalation since 2013. ✅ Affects Sudo versions 1.8.8-1.9.17 across Linux/

    @The_Cyber_News

    3 Jul 2025

    779 Impressions

    5 Retweets

    14 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 CRITICAL: Two Sudo vulnerabilities (CVE-2025-32462 & CVE-2025-32463) allow ANY local user to gain root access on Linux systems. Millions of servers at risk. One flaw hid undetected for 12 YEARS. Patch to 1.9.17p1 NOW. https://t.co/GFh7BduBUm #InfoSec #Linux #CyberSecuri

    @cyberkendra

    3 Jul 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. CVE-2025-32462 : ซูโดโฮสต์ ตัวเลือกการยกระดับความอ่อนแอของสิทธิพิเศษ https://t.co/Dy0hZWCDTX https://t.co/Kx9ro2wfO2

    @freedomhack101

    2 Jul 2025

    80 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  20. ⚠️Google、Chromeのゼロデイ脆弱性CVE-2025-6554に対するセキュリティアップデートを公開 🔨Linuxコマンド「sudo」におけるローカル権限昇格の脆弱性が修正される(CVE-2025-32462、CVE-2025-32463) 〜サイバーアラート

    @MachinaRecord

    2 Jul 2025

    113 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. Unpopular opinion: CVE-2025-32462 (#sudo recent LEoP) is not critical. Risk: High (based on CVSS 4.0 scoring) Attacker Value: Medium Exploitability: Low https://t.co/CeadbAgOiz https://t.co/841gpnjYnP

    @noraj_rawsec

    1 Jul 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  22. 🚨 CVE-2025-32462: Sudo --host option lets attackers escalate to root on SUSE Linux (CVSS 7.3). Patch guide for openSUSE/SLE: ▶️ Affected versions ▶️ zypper patch commands ▶️ Verification Read more: 👉 https://t.co/qM5pWm0jWM #InfoSec #SysAdmin https://t.co/13TU

    @Cezar_H_Linux

    1 Jul 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. 🚨 Breaking: CVE-2025-32462 in Sudo (CVSS 7.3) lets attackers escalate privileges via --host. Patch IMMEDIATELY if using: @openSUSE Leap 15.4 @SUSELinuxEnterprise 15 SP4 SUSE Manager 4.3 Read more: 👉https://t.co/1YHkzDAOQr https://t.co/oPPIhOae

    @Cezar_H_Linux

    1 Jul 2025

    52 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  24. 🔐 Critical sudo vulnerability (CVE-2025-32462) patched!* CVSS 7.3 – allows local attackers to gain root. Patch SUSE 12 SP5 NOW: Read more: 👉 https://t.co/DJa8eQOBz8 #InfoSec #DevOps https://t.co/tYkPsgoApA

    @Cezar_H_Linux

    1 Jul 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/yOg3nsZOap #HelpNetSecurity #Cybersecurity https://t.co/6AxLVFl5OZ

    @PoseidonTPA

    1 Jul 2025

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  26. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/rgS4Kk6HWz

    @TheCyberSecHub

    1 Jul 2025

    2027 Impressions

    6 Retweets

    12 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  27. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/BAnFds6cr8 https://t.co/NjgKeTHT4n

    @evanderburg

    1 Jul 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. CVE-2025-32462 – Sudo host Option Elevation of Privilege Vulnerability https://t.co/eOSVXbcu9v

    @CyrilJovet

    1 Jul 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  29. CVE-2025-32462 Local Privilege Escalation via host option | Sudo https://t.co/2ZBFwsmVxc CVE-2025-32463 Local Privilege Escalation via chroot option | Sudo https://t.co/ktqrvfZEXM

    @autumn_good_35

    1 Jul 2025

    585 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  30. Two Sudo flaws (CVE-2025-32463 & CVE-2025-32462) allow local users full root via PoC. Critical privilege escalation vulnerabilities revealed by Stratascale CRU. #CyberSecurity #LinuxExploit #SudoVulnerability #PrivilegeEscalation #CVE2025 #PoC #RootAccess https://t.co/zbdErb

    @the_yellow_fall

    1 Jul 2025

    1642 Impressions

    14 Retweets

    23 Likes

    11 Bookmarks

    0 Replies

    1 Quote

  31. CVE-2025-32462 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on uninten… https://t.co/lNRZSgLl81

    @CVEnew

    30 Jun 2025

    661 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  32. CVE-2025-32462 CVE-2025-32462 https://t.co/Xlz0yscI65

    @VulmonFeeds

    30 Jun 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. CVE-2025-32462: sudo local privilege escalation via host option https://t.co/lWKMNbCHbc use sudoers rules for any host CVE-2025-32463: sudo local privilege escalation via chroot option https://t.co/r7suerSOWG leverage sudo's -R (--chroot) option to run arbitrary commands as root

    @oss_security

    30 Jun 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  34. ⚠️ Faille Sudo, il faut corriger rapidement. CVE-2025-32462 : une faille dans sudo permet l’escalade de privilèges locaux via l’option host (V) TL;DR : Faille de type "Trust me bro on est sur une autre machine lance la commande". (L) 👉 https://t.co/ey2EfBQ4JJ https

    @bearstech

    30 Jun 2025

    12661 Impressions

    69 Retweets

    167 Likes

    69 Bookmarks

    9 Replies

    3 Quotes

  35. I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability https://t.co/IrN1Yj8nGD CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability

    @0xm1rch

    30 Jun 2025

    12514 Impressions

    40 Retweets

    135 Likes

    65 Bookmarks

    5 Replies

    3 Quotes

Configurations

Related CVEs

  1. Sudo Inclusion of Functionality from Untrusted Control Sphere VulnerabilityCVE-2025-32463
  2. sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list <pathname>`. Users with local access to a machine can discover the existence/non-existence of certain files, revealing potentially sensitive information in the file names. This information can also be used in conjunction with other attacks. Version 0.2.6 fixes the vulnerability.CVE-2025-46717
  3. sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. Attackers can collect information that can be used to more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability.CVE-2025-46718
  4. Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.CVE-2023-42465
  5. Sudo Heap-Based Buffer Overflow VulnerabilityCVE-2021-3156

References

Sources include official advisories and independent security research.