CRITICAL🚩 CISA KEV⚡ EXPLOIT✓ PATCH🇵🇱 Wersja polska

CVE-2025-32463

CVSS 9.3v3.1pub. 2025-06-30upd. 2025-11-05

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Canonical Ubuntu

    OS
    Canonical
    22.0424.0424.1025.04
  • Debian

    OS
    Debian
    11.012.013.0
  • Opensuse Leap

    OS
    Opensuse
    15.6
  • Red Hat Enterprise Linux

    OS
    Redhat
    10.0
  • Sudo Project Sudo

    APP
    Sudo Project
    1.9.171.9.14 – 1.9.17 (bez)
  • SUSE Linux Enterprise Desktop

    OS
    Suse
    15
  • SUSE Linux Enterprise Real Time

    OS
    Suse
    15.0
  • SUSE Linux Enterprise Server For Sap

    OS
    Suse
    12

CISA KEV — detailsi

Vendori
Sudo
Producti
Sudo
Added to KEVi
September 29, 2025
Remediation deadline (US Federal)i
October 20, 2025(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 20 października 2025
CWE
References

Related vulnerabilities

CVE-2026-24061CRITICAL9.8⚠ KEVPL ✓ten sam produkt

GNU Inetutils telnetd: ominięcie uwierzytelnienia przez zmienną USER

CVE-2025-49113CRITICAL9.9⚠ KEVPL ✓ten sam produkt

RCE przez deserializację PHP w Roundcube Webmail (parametr _from)

CVE-2025-32433CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Erlang/OTP SSH — nieuwierzytelniony RCE (CVSS 10.0)

CVE-2025-24201CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki

CVE-2025-24813CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Apache Tomcat: Path Equivalence prowadzący do RCE i ujawnienia danych