๐Ÿ” CVE Alert

CVE-2025-32463

CRITICAL 9.3 โš ๏ธ CISA KEV
CVSS Score
9.3
EPSS Score
0.0%
EPSS Percentile
0th

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CWE CWE-829
Vendor sudo project
Product sudo
Published Jun 30, 2025
Last Updated Feb 26, 2026
โš ๏ธ Actively Exploited โ€” Act Now

Get instant alerts for sudo project sudo

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2025-32463.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability

Affected Versions

Sudo project / Sudo
1.9.14 < 1.9.17p1

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
sudo.ws: https://www.sudo.ws/security/advisories/ sudo.ws: https://www.sudo.ws/releases/changelog/ stratascale.com: https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot openwall.com: https://www.openwall.com/lists/oss-security/2025/06/30/3 access.redhat.com: https://access.redhat.com/security/cve/cve-2025-32463 ubuntu.com: https://ubuntu.com/security/notices/USN-7604-1 security-tracker.debian.org: https://security-tracker.debian.org/tracker/CVE-2025-32463 explore.alas.aws.amazon.com: https://explore.alas.aws.amazon.com/CVE-2025-32463.html bugs.gentoo.org: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463 suse.com: https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/ suse.com: https://www.suse.com/security/cve/CVE-2025-32463.html secpod.com: https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/ sudo.ws: https://www.sudo.ws/security/advisories/chroot_bug/ vicarius.io: https://www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerability vicarius.io: https://www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerability iototsecnews.jp: https://iototsecnews.jp/2025/07/01/linux-sudo-chroot-vulnerability-enables-hackers-to-elevate-privileges-to-root/ cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-32463