Vulnerability identifier: #VU21782

Vulnerability risk: Low

CVSSv3.1: 6.3 [CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2019-14287

CWE-ID: CWE-264

Exploitation vector: Local

Exploits in database: 8

• February 27, 2024
  • exploitables (This is repo of CVE explanations alongside their respecitve explanations.) [Github]
• May 12, 2020
  • vulnerability-exploitation (Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287/Google Android - 'Stagefright' Remote Code Execution - CVE-2015-1538) [Github]
  • Exploit-CVE-2019-14287 (Documentation for Sudo Security Bypass - CVE 2019-14287) [Github]
  • Exploiting-a-Linux-kernel-vulnerability (Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287) [Github]
  • Sudo-Security-Bypass-Vulnerability-CVE-2019-14287- (This is the exploitation of sudo security bypass vulnerability) [Github]
  • Sudo-Security-Bypass-Vulnerability (This is a brief exploitation of CVE-2019-14287 Sudo Security Bypass Vulnerability. ) [Github]
• March 26, 2020
  • SUDO_KILLER (A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regu [Github]
• March 18, 2020
  • CVE-2019-14287 (Sudo exploit) [Github]

Impact: Code execution

Vulnerable software:
Sudo
Client/Desktop applications / Software for system administration

Vendor: Sudo