CVE-2025-32463

Published Jun 30, 2025

Last updated 8 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-32463 is a vulnerability that affects Sudo versions 1.9.14 to 1.9.17 inclusive. It allows a local user to gain root access. This is possible because the `/etc/nsswitch.conf` file from a user-controlled directory is used with the `--chroot` option. An attacker can exploit this vulnerability by using Sudo's `-R` or `--chroot` option to execute arbitrary commands as root, even if they are not listed in the `sudoers` file. The vulnerability was fixed in Sudo version 1.9.17p1.

Description
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
Source
cve@mitre.org
NVD status
Awaiting Analysis

Insights

Analysis from the Intruder Security Team
Published Jul 2, 2025 Updated Jul 2, 2025

This is a serious local privilege escalation vulnerability in the sudo tool, which is present on most Unix systems. You should update this as soon as possible if your version is less than 1.9.14.

Exploiting this vulnerability requires an attacker to have access to the machine already - so it's most serious in environments where lower-privileged users routinely have access to systems. However, all vulnerable systems should be patched.

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.3
Impact score
6
Exploitability score
2.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

cve@mitre.org
CWE-829

Social media

Hype score
Not currently trending
  1. CVE-2025-32463在Sudo v1.9.14(2023年6月)中引入(https://t.co/C8QW2WVgLW),在使用chroot功能时,更新了命令匹配处理代码。本文漏洞分析的sudo代码 commit 为: cb3355e9d4f66db642b9c0e9151423762504339b telegram 黑客技术联系:https://t.co/

    @CherylTarin2

    16 Jul 2025

    1581 Impressions

    0 Retweets

    11 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. #github pr0v3rbs/CVE-2025-32463_chwoot Stars: 260 Language: #Shell https://t.co/klaZn40E9g

    @githubgod

    16 Jul 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. تایپک های مهم که شاید از دست داده باشین - باگ Sudo به شدت خطرناک هست CVE-2025-32463 رو مطالعه کنید. - یک Termius که به تروجان آلوده هست برای Mac اومده که رو لینک زیر بیشتر ت

    @alisalehiman

    15 Jul 2025

    124 Impressions

    0 Retweets

    6 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. CVE-2025-32463 - Critical Sudo Vulnerability Patch now: → Update to sudo v1.9.17p1 → Rebuild affected base images → Audit for unusual sudoedit usage → Harden privilege boundaries with AppArmor or SELinux https://t.co/jxlQp8QWSa

    @ArnabRaha57

    15 Jul 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) https://t.co/2424MrGTM7

    @linuxtoday

    14 Jul 2025

    3294 Impressions

    7 Retweets

    34 Likes

    2 Bookmarks

    1 Reply

    0 Quotes

  6. Breaking Out with chroot: CVE-2025-32463 in Sudo Just published a write-up on a newly disclosed local privilege escalation in sudo -R. Abuse chroot, hijack nsswitch, and get root 🪓👀 🔗 https://t.co/zt6tklifRB #Linux #ExploitDev #Sudo #CVE2025 #Infosec

    @vipa0z

    13 Jul 2025

    0 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  7. [1day1line] CVE-2025-32463: Local Privilege Escalation via chroot in sudo https://t.co/APo2gvYtaY Today’s 1day1line covers a local privilege escalation (LPE) vulnerability caused by the use of chroot in sudo.

    @hackyboiz

    12 Jul 2025

    727 Impressions

    4 Retweets

    12 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-32463 no Sudo permitia escalada rodando sudo com opção --chroot em diretório controlado; parsing de nsswitch.conf era vulnerável e carregava configuração de chroot arbitrária, dando root ao usuário local.

    @hashtagsec

    11 Jul 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. https://t.co/nwqY1oM0VR Critical vulnerability in Linux tool sudo The critical security vulnerability CVE-2025-32463 affects the UNIX and Linux tool sudo and allows local, unprivileged users to gain root privileges. The Stratascale Cyber ​​Research Unit (CRU) team discovere

    @B2bCyber

    10 Jul 2025

    51 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. I did a Yocto Project/OE recipe as a proof of concept for CVE-2025-32463, or "sudo chroot". Yocto cve-check does not detect this CVE! https://t.co/pcX484QA4S #YoctoProject #OpenEmbedded #CVE2025 #EmbeddedLinux #LinuxDevelopment #SecurityResearch #CVECheck #SoftwareSecurity http

    @ReliableEmbSys

    10 Jul 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Critical Sudo bugs expose major Linux distros to local Root exploits Two critical Sudo vulnerabilities (CVE-2025-32462 and CVE-2025-32463) allow local users to escalate privileges to root on Linux systems. CVE-2025-32462 misuses the "--host" option, enabling users to run

    @dCypherIO

    7 Jul 2025

    26 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. Recently, two major vulnerabilities in the sudo command-line for Unix and Linux OSs were discovered. The issue is that a local user can get root privileges. Description of the vulnerabilities - CVE-2025-32463. The root access can be received because "/etc/nsswitch.conf" #Linux h

    @hostzealot

    7 Jul 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. CVE-2025-32462 & CVE-2025-32463 are local privilege escalation flaws in Sudo. CVE-32463 (CVSS 9.3) allows any user to gain root using --chroot and a crafted /etc/nsswitch.conf. Default installs are affected. Patch to Sudo 1.9.17p1 now. #Sudo #CVE2025 #Linux https://t.co/I

    @CloneSystemsInc

    7 Jul 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. 🚨 Two critical #Sudo flaws (CVE-2025-32462 & CVE-2025-32463) allow local users to gain root on Linux systems. 🛡️ Update to v1.9.17p1 ⚠️ Shared sudoers configs = vulnerable 🔎 Exploits via host & chroot options Patch fast. Stay sharp. #CyberSecurity #Linux h

    @Samuel257196756

    7 Jul 2025

    69 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. CVE-2025-32463: Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. https://t.co/HOstBxoOuY

    @ZeroDayFacts

    7 Jul 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. CVE-2025-32463, the sudo chroot vulnerability in many Linux distros, broke last week. In this video, we'll understand what happens, how it leads to root, and exploit it in a vulnerable Docker container. https://t.co/BoiIkUGenK

    @0xdf_

    6 Jul 2025

    14269 Impressions

    60 Retweets

    189 Likes

    103 Bookmarks

    1 Reply

    1 Quote

  17. 🚨 Exploiting and Mitigating #CVE-2025-32463: A Deep Dive into #Linux Sudo Privilege Escalation https://t.co/fZB0ALG955 Educational Purposes!

    @UndercodeUpdate

    6 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. #exploit 1⃣ CVE-2025-48703: RCE in CentOS Web Panel - https://t.co/nugC3SZEEk 2⃣ CVE-2025-31200: Zero-click RCE vulnerability in Apple's iOS 18.x - https://t.co/og6oEa6nmj 3⃣ CVE-2025-32463: Escalation of Privilege to the root through sudo binary with chroot option -

    @ksg93rd

    6 Jul 2025

    1193 Impressions

    3 Retweets

    29 Likes

    9 Bookmarks

    0 Replies

    0 Quotes

  19. Critical Sudo Vulnerability (CVE-2025-32463): Immediate Action Required! A critical Local Privilege Escalation (LPE) vulnerability, CVE-2025-32463, has been identified in sudo versions 1.9.14 through 1.9.17. https://t.co/pqhNCgAYtf

    @iampopg

    6 Jul 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  20. pr0v3rbs/CVE-2025-32463_chwoot CVE-2025-32463 – sudo chroot ("chwoot") PoC https://t.co/Gut5ygLxQB

    @tdatwja

    5 Jul 2025

    270 Impressions

    0 Retweets

    2 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  21. 의외로 Linux 명령어도 개별 버전이 존재한다. 최근 발견된 CVE-2025-32463은 sudo 명령어를 통한 권한 상승(LPE) 취약점으로, 악성 공유 라이브러리를 생성하여 명령어를 통해 실행되도록 해 루트 권한을 탈취한다. sudo

    @ssogari_dev

    5 Jul 2025

    1961 Impressions

    8 Retweets

    15 Likes

    5 Bookmarks

    2 Replies

    1 Quote

  22. ⚠️ Another up-to-date CVE is on LetsDefend again, as always. Local Privilege Escalation via chroot CVE-2025-32463 is a critical local privilege escalation flaw in Sudo (v1.9.14–1.9.17) allowing attackers to gain root by exploiting the --chroot (-R) option to load malici

    @LetsDefendIO

    5 Jul 2025

    2509 Impressions

    4 Retweets

    29 Likes

    10 Bookmarks

    0 Replies

    0 Quotes

  23. محققان دو آسیب‌پذیری امنیتی در ابزار خط فرمان Sudo برای سیستم‌عامل‌های لینوکس و یونیکس کشف کرده‌اند که می‌تواند مهاجمان را قادر به ارتقای دسترسی خود به

    @Teeegra

    5 Jul 2025

    840 Impressions

    0 Retweets

    22 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  24. J'ai testé un PoC de la CVE-2025-32463 sur 𝘀𝘂𝗱𝗼, et boom 💥 root en 1 commande, LPE efficace 👌 Testé sur Fedora 42 sans conf particulière du sudoers, et toujours pas de patch sur redhat, curieux que personne ne panique plus que ça ▶️ Pour tester : https

    @BarbossHack

    4 Jul 2025

    425 Impressions

    2 Retweets

    4 Likes

    5 Bookmarks

    2 Replies

    2 Quotes

  25. ⚠️ Deux failles critiques dans sudo menacent la sécurité des machines Linux Les vulnérabilités CVE-2025-32462 et CVE-2025-32463 permettent une élévation de privilèges en local, exploitant le fonctionnement même de sudo ➡️ https://t.co/DNggJLD99H #Linux https://

    @ITConnect_fr

    4 Jul 2025

    658 Impressions

    2 Retweets

    9 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  26. 🚨 CVE-2025-32463 trên Debian 11/12 & Ubuntu 24.04. Exploits are active. 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚞𝚙𝚍𝚊𝚝𝚎 && 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚜𝚞𝚍𝚘 https://t.co/wP2uL9QkkH

    @vutruso

    4 Jul 2025

    28 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 🚨 ALERT! CVE-2025-32463 Bug sudo berbahaya di Debian 11/12 & Ubuntu 24.04 bisa kasih akses root penuh! Eksploit aktif beredar. Jangan tunggu disusupi! 🔧 Segera update sekarang juga: apt-get update && apt-get install sudo Lindungi server-mu sebelum terlambat!

    @_4dinata

    4 Jul 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. Sudo’s chroot Vulnerability CVE-2025-32463 PoC https://t.co/47s3h86FLe

    @t31m0

    3 Jul 2025

    1057 Impressions

    6 Retweets

    18 Likes

    9 Bookmarks

    0 Replies

    0 Quotes

  29. 🚨**Linux Sudo Vulnerabilities: CVE-2025-32463** 🚨 Heads-up, Critical Sudo flaws are putting you at risk. Patch now; "https://t.co/zBfB1f0Qvi" #Cybersecurity #SudoVuln #CVE202532463

    @CWatsonbar79259

    3 Jul 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. CVE-2025-32463: Critical Sudo Vulnerability Put Linux Servers at Risk #LinuxSecurity #CVE202532463 #SudoVulnerability #PatchNow #CyberSecurity #PrivilegeEscalation #OpenSourceSecurity #SysAdmin #InfoSec https://t.co/kn0IFzo3DE

    @cyashadotcom

    3 Jul 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. 🚨 CVE-2025-32463 — sudo vuln allows root access on Debian 11/12 & Ubuntu 24.04. Exploits active. Update sudo now (run as root): 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚞𝚙𝚍𝚊𝚝𝚎 && 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚜𝚞𝚍𝚘 Secur

    @CloudKodu12528

    3 Jul 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨 CVE-2025-32463 — sudo vuln giving root access on Debian 11/12 & Ubuntu 24.04. Exploits are active. Fix now: 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚞𝚙𝚍𝚊𝚝𝚎 && 𝚊𝚙𝚝-𝚐𝚎𝚝 𝚒𝚗𝚜𝚝𝚊𝚕𝚕 𝚜𝚞𝚍𝚘 We track these threats s

    @fastpanel_news

    3 Jul 2025

    63 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  33. 🔴 Critical Sudo Vulnerability – CVE-2025-32463 A newly disclosed vulnerability affects default Sudo configurations (v1.9.14–1.9.17). It allows any local unprivileged user to escalate privileges to root, by abusing the chroot feature. Full details: https://t.co/pMCTVEnhZr

    @OtmaneTalhaoui

    3 Jul 2025

    64 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. CVE-2025-32463: Local Privilege Escalation via sudo -R NSS Injection https://t.co/eROJVZoPHr https://t.co/1y3JmS5QcI

    @cyber_advising

    3 Jul 2025

    1702 Impressions

    6 Retweets

    20 Likes

    7 Bookmarks

    0 Replies

    1 Quote

  35. 🚨 CRITICAL: Two Sudo vulnerabilities (CVE-2025-32462 & CVE-2025-32463) allow ANY local user to gain root access on Linux systems. Millions of servers at risk. One flaw hid undetected for 12 YEARS. Patch to 1.9.17p1 NOW. https://t.co/GFh7BduBUm #InfoSec #Linux #CyberSecuri

    @cyberkendra

    3 Jul 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. Linux 環境で広く利用されている「sudo」でchrootの脆弱性(CVE-2025-32463)、非特権ユーザーがroot権限を取得可能に #セキュリティ対策Lab #セキュリティ #Security https://t.co/kHBnalI4kq

    @securityLab_jp

    3 Jul 2025

    104 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  37. ⚠️ اگه نسخه #sudo سرورت بین 1.9.14 تا 1.9.17 هست، سریعاً آپدیتش کن! یه باگ امنیتی خطرناک (CVE-2025-32463) توی قابلیت chroot پیدا شده که می‌تونه بدون نیاز به رمز، دسترسی root ب

    @Linuxmaster14

    2 Jul 2025

    18189 Impressions

    14 Retweets

    164 Likes

    70 Bookmarks

    5 Replies

    1 Quote

  38. هرچه زودتر sudo را در سرورهای خودتون به روز رسانی کنید اسیب پذیری CVE-2025-32463 امده است که به کاربران غیر روت اجازه میده با اجرا یک فایل تبدیل به روت بشن https://t.co/11f

    @jstnimo

    2 Jul 2025

    38 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  39. Very interesting vuln in sudo! CVE-2025-32463 https://t.co/IMccWdtwj8

    @kat_ish_

    2 Jul 2025

    51 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  40. CVE-2025-32463 An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions 1.9.14 to 1.9.17 inclusive are affected. PoC: - https://t.co/aWjbr7INTH

    @LostN3rd

    2 Jul 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. CVE-2025-32463対策やっておかなきゃね!とおもったけど22.04LTSだったから影響ないですね(迫るEOLと原因となっているあれこれの24対応の遅さ) https://t.co/SIGKzEuzdY

    @mogmod

    2 Jul 2025

    192 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. "CVE-2025-32463: sudo local privilege escalation via chroot option" An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions 1.9.14 to 1.9.17 affected. https://t.co/CIlFVA1GF5 #infosec

    @_hg8_

    2 Jul 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Important for #OpenBSD users is the comment in the ports-update commit message. #CVE-2025-32463 #SUDO https://t.co/cejRvETFwI

    @sizeofvoid

    2 Jul 2025

    395 Impressions

    0 Retweets

    12 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. CVE-2025-32463のPoCのやつシュッとrootとれてすごい

    @M_UNIVERSE

    2 Jul 2025

    89 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  45. ⚠️Google、Chromeのゼロデイ脆弱性CVE-2025-6554に対するセキュリティアップデートを公開 🔨Linuxコマンド「sudo」におけるローカル権限昇格の脆弱性が修正される(CVE-2025-32462、CVE-2025-32463) 〜サイバーアラート

    @MachinaRecord

    2 Jul 2025

    113 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  46. Critical #Linux flaw CVE-2025-32463 in sudo allows privilege escalation. Patch now. Full details: https://t.co/AsnLRLj8d4 #CyberSecurity #CVE202532463

    @CybersecSntl

    2 Jul 2025

    49 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  47. 🚨 Detecting Sudo --chroot Abuse in #Microsoft Sentinel Using KQL (#CVE-2025-32463) https://t.co/q1mqQs1pQf Educational Purposes!

    @UndercodeUpdate

    2 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  48. GitHub - pr0v3rbs/CVE-2025-32463_chwoot: sudo Local Privilege Escalation CVE-2025-32463 - https://t.co/5yEGxP967f

    @piedpiper1616

    2 Jul 2025

    4900 Impressions

    45 Retweets

    105 Likes

    50 Bookmarks

    0 Replies

    1 Quote

  49. CVE-2025-32463: Sudo chroot Elevation of Privilege https://t.co/Aw65SsVF0s

    @minamijoyo

    2 Jul 2025

    57 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  50. CVE-2025-32463: sudo local privilege escalation via chroot option https://t.co/AB2bm9RVKU https://t.co/1wNYyBYbh5

    @secharvesterx

    2 Jul 2025

    105 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes