CVE-2025-32463 PoC — Sudo 安全漏洞

Description

A Python exploit for CVE-2025-32463, a critical local privilege escalation vulnerability in the Sudo binary on Linux systems. This flaw allows local users to obtain root access by exploiting the --chroot option, which incorrectly uses /etc/nsswitch.conf from a user-controlled directory.

介绍

Vulnerability Overview
CVE-2025-32463 affects Sudo versions 1.9.14 through 1.9.16 (fixed in 1.9.17p1). 

When Sudo is invoked with the --chroot option, it may load configuration from an attacker-controlled path, leading to arbitrary code execution and privilege escalation to root.

Usage: python3 CVE-2025-32463.py 
- this should pop a root shell (video POC demonstrated) 

CVSS Score: 7.8 (High)
Impact: Local privilege escalation to root.
Affected Systems: Linux distributions with vulnerable Sudo (e.g., Ubuntu 24.04 LTS, RHEL, etc.).

Requirements

Python 3.8+

Linux system with vulnerable Sudo (check with sudo --version).
Local user account with ability to execute Sudo commands.

文件快照

备注