漏洞平台

POC详情： 707257acc4942f62a7200ff038d77ed232749824

来源

https://github.com/FreeDurok/CVE-2025-32463-PoC

关联漏洞

标题： Sudo 安全漏洞 (CVE-2025-32463)
描述：Sudo是一款使用于类Unix系统的，允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞，该漏洞源于使用用户控制目录中的/etc/nsswitch.conf可能导致获取root访问权限。

描述

Proof of Concept for CVE-2025-32463 Local privilege escalation exploit targeting sudo -R on vulnerable Linux systems. For educational and authorized security testing only.

介绍

# CVE-2025-32463 – Privilege Escalation via Sudo chroot

## 📝 Overview

**CVE-2025-32463** is a local privilege escalation vulnerability affecting the `sudo` utility.  
It allows a regular user to escalate privileges to root by exploiting the `-R` option (which sets a custom runtime root directory) together with manipulated NSS configurations.

- **CVE:** CVE-2025-32463  
- **Component:** sudo  
- **Impact:** Local Privilege Escalation (root)  
- **Discovered by:** Rich Mirch

---

## 🚨 Risk & Impact

A successful exploit gives a low-privileged local user full root access, completely breaching the system security boundary.

---

## 🔬 Testing the Exploit

### Usage Example

```bash
git clone https://github.com/FreeDurok/CVE-2025-32463-PoC.git
cd CVE-2025-32463-PoC

# Check current user privileges
id

# Run the exploit
./escalate.sh

# Verify escalated privileges
id
```

![Privilege escalation demo](.img/poc.gif)


## 📌 Affected Versions
✅ Patched: sudo 1.9.17p1 and newer

🚩 Vulnerable: sudo 1.9.14 up to 1.9.17

🕗 Not impacted: Versions before 1.9.14 (the -R feature did not exist)

## 🔒 Mitigation & Hardening
Upgrade to sudo 1.9.17p1 or later.

Consider limiting or auditing the use of sudo -R through configuration policies.

Use security modules like SELinux or AppArmor to restrict unexpected sudo operations.

### References

- [Rick Mirch blog](https://blog.mirch.io/sudo-elevation-of-privilege-vulnerabilities/)
- [NVD Entry for CVE-2025-32463](https://nvd.nist.gov/vuln/detail/CVE-2025-32463)
- [Stratascale Security Research](https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot)


## ⚠️ Legal Notice
This repository is provided for authorized security testing and educational purposes only.
Executing these scripts on systems without explicit permission is illegal and violates ethical standards.

文件快照


 [4.0K]  /data/pocs/707257acc4942f62a7200ff038d77ed232749824
├── [ 966]  escalate.sh
└── [1.8K]  README.md

0 directories, 2 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。