## https://sploitus.com/exploit?id=16A1B79A-353F-59FC-8476-DAD3787B1495
Vulnerability Overview
CVE-2025-32463 affects Sudo versions 1.9.14 through 1.9.16 (fixed in 1.9.17p1).
When Sudo is invoked with the --chroot option, it may load configuration from an attacker-controlled path, leading to arbitrary code execution and privilege escalation to root.
Usage: python3 CVE-2025-32463.py
- this should pop a root shell (video POC demonstrated)
CVSS Score: 7.8 (High)
Impact: Local privilege escalation to root.
Affected Systems: Linux distributions with vulnerable Sudo (e.g., Ubuntu 24.04 LTS, RHEL, etc.).
Requirements
Python 3.8+
Linux system with vulnerable Sudo (check with sudo --version).
Local user account with ability to execute Sudo commands.