Main Vulnerability Database Exploits ID:11755 - Exploit for Protection mechanism failure in Sudo - CVE-2025-32462

ID:11755 - Exploit for Protection mechanism failure in Sudo - CVE-2025-32462

Published: July 3, 2025

Vulnerability identifier: #VU112067

Vulnerability risk: Low

CVE-ID: CVE-2025-32462

CWE-ID: CWE-693

Exploitation vector: Local access

Vulnerable software:
Sudo

Link to public exploit:

https://github.com/CryingN/CVE-2025-32462

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to insufficient implementation of security measures when running sudo with -h (--host) option. If the current configuration provides access to users based on the host they are allowed to execute commands, a local user can bypass such a restriction by providing the hostname via the "-h" option they are allowed to execute commands. The vulnerability affects systems that use a common sudoers file that is distributed to multiple machines or when LDAP-based sudoers (including SSSD) is used.

Remediation

Install updates from vendor's website.

ID:11755 - Exploit for Protection mechanism failure in Sudo - CVE-2025-32462

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human