CVE-2025-32462

sudo

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-32462 affects Sudo versions before 1.9.17p1. When Sudo is used with a sudoers file that specifies a host that is neither the current host nor ALL, it allows listed users to execute commands on unintended machines. This vulnerability has existed since the implementation of the host option in Sudo v1.8.8, released in September 2013. The vulnerability can be exploited when Sudo rules are configured to restrict certain hostnames or hostname patterns. In such cases, privilege escalation to root may occur without requiring a specific exploit. To mitigate this vulnerability, it is recommended to install Sudo version 1.9.17p1 or later.

Description
-

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

42

  1. ⚠️Google、Chromeのゼロデイ脆弱性CVE-2025-6554に対するセキュリティアップデートを公開 🔨Linuxコマンド「sudo」におけるローカル権限昇格の脆弱性が修正される(CVE-2025-32462、CVE-2025-32463) 〜サイバーアラート

    @MachinaRecord

    2 Jul 2025

    113 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Unpopular opinion: CVE-2025-32462 (#sudo recent LEoP) is not critical. Risk: High (based on CVSS 4.0 scoring) Attacker Value: Medium Exploitability: Low https://t.co/CeadbAgOiz https://t.co/841gpnjYnP

    @noraj_rawsec

    1 Jul 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. 🚨 CVE-2025-32462: Sudo --host option lets attackers escalate to root on SUSE Linux (CVSS 7.3). Patch guide for openSUSE/SLE: ▶️ Affected versions ▶️ zypper patch commands ▶️ Verification Read more: 👉 https://t.co/qM5pWm0jWM #InfoSec #SysAdmin https://t.co/13TU

    @Cezar_H_Linux

    1 Jul 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 Breaking: CVE-2025-32462 in Sudo (CVSS 7.3) lets attackers escalate privileges via --host. Patch IMMEDIATELY if using: @openSUSE Leap 15.4 @SUSELinuxEnterprise 15 SP4 SUSE Manager 4.3 Read more: 👉https://t.co/1YHkzDAOQr https://t.co/oPPIhOae

    @Cezar_H_Linux

    1 Jul 2025

    44 Impressions

    1 Retweet

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  5. 🔐 Critical sudo vulnerability (CVE-2025-32462) patched!* CVSS 7.3 – allows local attackers to gain root. Patch SUSE 12 SP5 NOW: Read more: 👉 https://t.co/DJa8eQOBz8 #InfoSec #DevOps https://t.co/tYkPsgoApA

    @Cezar_H_Linux

    1 Jul 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/yOg3nsZOap #HelpNetSecurity #Cybersecurity https://t.co/6AxLVFl5OZ

    @PoseidonTPA

    1 Jul 2025

    78 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/rgS4Kk6HWz

    @TheCyberSecHub

    1 Jul 2025

    1822 Impressions

    6 Retweets

    12 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  8. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/BAnFds6cr8 https://t.co/NjgKeTHT4n

    @evanderburg

    1 Jul 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-32462 – Sudo host Option Elevation of Privilege Vulnerability https://t.co/eOSVXbcu9v

    @CyrilJovet

    1 Jul 2025

    37 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-32462 Local Privilege Escalation via host option | Sudo https://t.co/2ZBFwsmVxc CVE-2025-32463 Local Privilege Escalation via chroot option | Sudo https://t.co/ktqrvfZEXM

    @autumn_good_35

    1 Jul 2025

    585 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  11. Two Sudo flaws (CVE-2025-32463 & CVE-2025-32462) allow local users full root via PoC. Critical privilege escalation vulnerabilities revealed by Stratascale CRU. #CyberSecurity #LinuxExploit #SudoVulnerability #PrivilegeEscalation #CVE2025 #PoC #RootAccess https://t.co/zbdErb

    @the_yellow_fall

    1 Jul 2025

    1642 Impressions

    14 Retweets

    23 Likes

    11 Bookmarks

    0 Replies

    1 Quote

  12. CVE-2025-32462 Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on uninten… https://t.co/lNRZSgLl81

    @CVEnew

    30 Jun 2025

    661 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  13. CVE-2025-32462 CVE-2025-32462 https://t.co/Xlz0yscI65

    @VulmonFeeds

    30 Jun 2025

    47 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. CVE-2025-32462: sudo local privilege escalation via host option https://t.co/lWKMNbCHbc use sudoers rules for any host CVE-2025-32463: sudo local privilege escalation via chroot option https://t.co/r7suerSOWG leverage sudo's -R (--chroot) option to run arbitrary commands as root

    @oss_security

    30 Jun 2025

    28 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. ⚠️ Faille Sudo, il faut corriger rapidement. CVE-2025-32462 : une faille dans sudo permet l’escalade de privilèges locaux via l’option host (V) TL;DR : Faille de type "Trust me bro on est sur une autre machine lance la commande". (L) 👉 https://t.co/ey2EfBQ4JJ https

    @bearstech

    30 Jun 2025

    12661 Impressions

    69 Retweets

    167 Likes

    69 Bookmarks

    9 Replies

    3 Quotes

  16. I published blogs detailing two vulnerabilities I recently discovered in Sudo. Update to 1.9.17p1. CVE-2025-32462 - Sudo Host option Elevation of Privilege Vulnerability https://t.co/IrN1Yj8nGD CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability

    @0xm1rch

    30 Jun 2025

    12514 Impressions

    40 Retweets

    135 Likes

    65 Bookmarks

    5 Replies

    3 Quotes

References

Sources include official advisories and independent security research.