Re: Local Privilege Escalation Vulnerability in Sudo - CVE-2025-32463

Vishal6 · ‎07-07-2025

Hi All,

A critical vulnerability, CVE-2025-32463 with CVSS score of 9.3 reflecting its high risk, has been discovered and affecting Sudo in Linux OS.

This vulnerability allows attackers or users to exploit sudo's -R (or --chroot) option to execute arbitrary commands with root privileges, bypassing the restrictions defined in the sudoers file.

Advisory link : Local Privilege Escalation via chroot option | Sudo

Affected version:
Sudo versions 1.9.14 to 1.9.17 inclusive are affected.

Recommended actions:
Need to update Sudo to version 1.9.17p1 or later.

Our fmc hosted in VM, does this vulnerability related to Fmc ? Do we need to upgrade Fmc ?

Vishal6 · ‎07-07-2025

any help please

marce1000 · ‎07-07-2025

- @Vishal6 On FMC you might be able to examine the sudo version (correction) from expert mode and type the command :
sudo -V

You can find a POC at : https://github.com/K1tt3h/CVE-2025-32463-POC

In general when a new critical vulnerability is discovered and no advisories have been
published for Cisco products then contact the
Cisco Product Security Incident Response Team at psirt@cisco.com

Describe your concerns , results of checks and or ask for a remedy for the security problem

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Vishal6 · ‎07-07-2025

What will be impact for upgrading linux os ?

marce1000 · ‎07-07-2025

- @Vishal6 The question is not correct, in the sense that when Cisco provides a fix , it incorporates the
'whole product' and not just the linux os.

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '