## https://sploitus.com/exploit?id=213B50C4-F897-508C-981B-1C5CA4D8567A
# CVE-2025-32463: Sudo Local Privilege Escalation Vulnerability
## Summary
CVE-2025-32463 is a Local Privilege Escalation vulnerability discovered in Sudo. Attackers can exploit this vulnerability to obtain root privileges under certain conditions.
## Vulnerability Details
* **Description:** Attackers can use the `-R` (`--chroot`) option of Sudo to create a malicious `/etc/nsswitch.conf` file in the root directory specified by the user. When Sudo executes this custom environment, it reads the malicious configuration, causing the loading of the attacker-provided libraries, thereby potentially obtaining root privileges.
* **Affected Software:** Sudo
* **Affected Versions:** Sudo 1.9.14 to 1.9.17 (some sources mention a broader range of versions).
* **Criticality:** Critical, with a CVSS score of 9.3.
* **Impact:** Attackers who successfully exploit this vulnerability can gain complete control over the system and execute arbitrary commands as root.
* **Attack Prerequisites:** The attacker must have a valid account on the target system.
* **Solution:** Update to Sudo 1.9.17p1 or later versions.
* **Known Exploitation:** There are publicly available exploit scripts available online.
## How to Check
You can determine whether your system is affected by checking the version of Sudo installed on your system.
### Method 1: Using the `sudo` Command (Recommended)
Run the following command to check the version. This command usually does not require a password:
```bash
sudo -V
```
### Method 2: Reading from the Executable Path (No Permission Required)
If you cannot or do not want to use the `sudo` command, you can use the following command to read the version information directly from the executable path:
1. Find the `sudo` path (usually `/usr/bin/sudo`).
2. Run the following command (replace `/usr/bin/sudo` with your actual path):
```bash
strings /usr/bin/sudo | grep "Sudo version"
```
If the version number returned is between 1.9.14 and 1.9.17 (inclusive), your system may be at risk.