## https://sploitus.com/exploit?id=BF5D9D00-25F4-5F48-AFB8-9B0F0DFC448F
<h1 align="center">
<br>
<a><img src="/img/logo.png" alt="" width="300px;"></a>
<br>
<img src="https://img.shields.io/badge/PRs-welcome-blue">
<img src="https://img.shields.io/github/last-commit/kh4sh3i/CVE-2025-32463">
<img src="https://img.shields.io/github/commit-activity/m/kh4sh3i/CVE-2025-32463">
<a href="https://twitter.com/intent/follow?screen_name=kh4sh3i_"><img src="https://img.shields.io/twitter/follow/kh4sh3i_?style=flat&logo=twitter"></a>
<a href="https://github.com/kh4sh3i"><img src="https://img.shields.io/github/stars/kh4sh3i?style=flat&logo=github"></a>
</h1>
# CVE-2025-32463
Local Privilege Escalation to Root via Sudo chroot in Linux
## Vulnerability Summary
**CVE-2025-32463** is a **local privilege escalation vulnerability** in the **Sudo** binary's chroot feature. The flaw allows a local user to escalate privileges to **root** under specific misconfigurations or with crafted inputs. The issue was discovered by **Rich Mirch**.
- **CVE-ID:** CVE-2025-32463
- **Component:** sudo
- **Type:** Local Privilege Escalation (EoP)
- **CVSS Score:** TBD
- **Discovered by:** [Rich Mirch](https://twitter.com/rmirch)
## Impact
An attacker with low privileges can exploit this vulnerability to gain **root access**, compromising the system entirely.
## Proof of Concept
<h1 align="center">
<a><img src="/img/poc.jpg" alt="" width="500px;"></a>
</h1>
### Exploit
```bash
git clone https://github.com/kh4sh3i/CVE-2025-32463.git
cd CVE-2025-32463
chmod +x exploit.sh
id            # uid/gid of the unprivileged user before running the PoC
./exploit.sh
id            # expected to report uid=0(root) if the host is vulnerable
```
## Affected Versions
- Vulnerable: sudo 1.9.14 to 1.9.17
- Patched: sudo 1.9.17p1 and later
- Not affected: Legacy versions prior to 1.9.14 (chroot feature did not exist)
## Mitigation
- Update `sudo` to the latest patched version.
- Use security frameworks like AppArmor or SELinux to limit sudo behavior.
- Monitor sudo logs for abnormal invocations, in particular unexpected use of the chroot option.
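As an added example (not part of this repository's PoC or of the sudo project), the POSIX shell script below compares a sudo version string with the affected range listed above: versions from 1.9.14 up to and including any patch level of 1.9.17 are flagged, 1.9.17p1 and later are not, and anything older than 1.9.14 is not. It assumes the first line of `sudo -V` has the form `Sudo version 1.9.15p5`. Distributions that backport the fix keep the old upstream version number, so a hit here means "check your distribution's advisory", not "confirmed vulnerable".

```shell
#!/bin/sh
# Added example: classify a sudo version against the CVE-2025-32463 range.
#   vulnerable:   1.9.14 .. 1.9.17 (any pN level of those releases)
#   patched:      1.9.17p1 and later
#   not affected: anything before 1.9.14 (no chroot feature)
# Assumption: version strings look like "1.9.17p1" or "1.9.15p5-3ubuntu5";
# a trailing "-..." distribution suffix is ignored.

is_number() {
    case "$1" in ''|*[!0-9]*) return 1 ;; *) return 0 ;; esac
}

# Turn MAJOR.MINOR.PATCH[pN] into a fixed-width numeric key so that
# plain integer comparison orders versions correctly,
# e.g. 1.9.17p1 -> 001009017001, 1.9.15 -> 001009015000.
# Returns 1 if the string cannot be parsed.
sudo_version_key() {
    ver="${1%%-*}"                        # drop distro suffix, if any
    case "$ver" in
        *p*) base="${ver%%p*}"; plevel="${ver##*p}" ;;
        *)   base="$ver";       plevel=0 ;;
    esac
    major="${base%%.*}"
    rest="${base#*.}"
    [ "$rest" = "$base" ] && rest=0       # "1"   -> 1.0.0
    minor="${rest%%.*}"
    patch="${rest#*.}"
    [ "$patch" = "$rest" ] && patch=0     # "1.9" -> 1.9.0
    for n in "$major" "$minor" "$patch" "$plevel"; do
        is_number "$n" || return 1
    done
    printf '%03d%03d%03d%03d\n' "$major" "$minor" "$patch" "$plevel"
}

# Exit status: 0 = inside the vulnerable range, 1 = outside it, 2 = unparseable.
sudo_version_is_vulnerable() {
    key=$(sudo_version_key "$1") || return 2
    lo=$(sudo_version_key 1.9.14)         # first release with the chroot feature
    fix=$(sudo_version_key 1.9.17p1)      # first patched release
    [ "$key" -ge "$lo" ] && [ "$key" -lt "$fix" ]
}

# Inspect the sudo binary found in PATH and print a verdict.
check_installed_sudo() {
    installed=$(sudo -V 2>/dev/null | awk 'NR == 1 { print $3 }')
    if [ -z "$installed" ]; then
        echo "sudo not found or 'sudo -V' failed"
        return 2
    fi
    sudo_version_is_vulnerable "$installed"
    case $? in
        0) echo "sudo $installed: inside the 1.9.14-1.9.17 range; confirm against your distribution's advisory (backports keep the old version number)"
           return 0 ;;
        1) echo "sudo $installed: outside the vulnerable range"
           return 1 ;;
        *) echo "sudo $installed: could not parse version string"
           return 2 ;;
    esac
}

# Run the check when executed directly; skip quietly where sudo is absent.
if command -v sudo >/dev/null 2>&1; then
    check_installed_sudo
fi
```

`sudo_version_is_vulnerable` can also be fed a version taken from a package inventory, which lets the same check run across a fleet without invoking sudo on each host; pair its result with the distribution's changelog before concluding anything about backported packages.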
## References
- [CVE-2025-32463 on NVD](https://nvd.nist.gov/vuln/detail/CVE-2025-32463)
- [Rich Mirch on Twitter](https://twitter.com/rmirch)
- [sudo project](https://www.sudo.ws)
- [stratascale](https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot)
## Disclaimer
This PoC is provided for **educational and research** purposes only. Running this on any system without permission is **illegal** and unethical.