Sudo Flaw Allows Root Access; PoC Exploit Released

A critical local privilege escalation vulnerability in the widely-used Sudo utility for Linux, tracked as CVE-2025-32463, is now being actively exploited. The flaw allows a low-privileged local user to gain full root access by abusing the chroot functionality in affected Sudo versions 1.9.14 through 1.9.17. A complete proof-of-concept exploit has been published, significantly increasing the risk of widespread attacks. Due to evidence of active exploitation, a national cybersecurity agency has added the vulnerability to its Known Exploited Vulnerabilities catalog. System administrators are urged to immediately update Sudo to a patched version, such as 1.9.17p1 or later, to mitigate the threat.

Latest mentioned: 10-06

Earliest mentioned: 09-30

Sources

gbhackers.com bleepingcomputer.com

Also Read

Cyber Espionage Campaign Targets Diplomats with PlugX Malware

A threat actor known as UNC6384 has been targeting European diplomatic entities in a cyber-espionage campaign since September. The group exploits a high-severity Windows vulnerability and uses refined social engineering tactics to deliver PlugX malware. The campaign, which initially targeted entities in specific regions, is expanding across the broader diplomatic community. The attack chain involves spear-phishing emails leading to malicious LNK files that exploit the vulnerability and execute obfuscated PowerShell commands. Researchers recommend organizations review and block command-and-control infrastructures and conduct security awareness training to mitigate such attacks.

11-01Read more →