CVE-2025-32463 PoC — Sudo 安全漏洞

Source

https://github.com/AC8999/CVE-2025-32463

Associated Vulnerability

Title:Sudo 安全漏洞 (CVE-2025-32463)
Description:Sudo是一款使用于类Unix系统的，允许用户通过安全的方式使用特殊的权限执行命令的程序。 Sudo 1.9.17p1之前版本存在安全漏洞，该漏洞源于使用用户控制目录中的/etc/nsswitch.conf可能导致获取root访问权限。

Description

A Python exploit for CVE-2025-32463, a critical local privilege escalation vulnerability in the Sudo binary on Linux systems. This flaw allows local users to obtain root access by exploiting the --chroot option, which incorrectly uses /etc/nsswitch.conf from a user-controlled directory.

Readme

Vulnerability Overview
CVE-2025-32463 affects Sudo versions 1.9.14 through 1.9.16 (fixed in 1.9.17p1). 

When Sudo is invoked with the --chroot option, it may load configuration from an attacker-controlled path, leading to arbitrary code execution and privilege escalation to root.

Usage: python3 CVE-2025-32463.py 
- this should pop a root shell (video POC demonstrated) 

CVSS Score: 7.8 (High)
Impact: Local privilege escalation to root.
Affected Systems: Linux distributions with vulnerable Sudo (e.g., Ubuntu 24.04 LTS, RHEL, etc.).

Requirements

Python 3.8+

Linux system with vulnerable Sudo (check with sudo --version).
Local user account with ability to execute Sudo commands.

File Snapshot


 [4.0K]  /data/pocs/9ffcc01f989fe4b94b09f80176c8e1fcd1d3f9fc
├── [4.6K]  CVE-2025-32463.py
├── [   2]  POC VIDEO.mp4
└── [ 689]  README.md

1 directory, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!