

Ethical Hacking News

CISA Issues Urgent Warning: Critical Linux Sudo Flaw Exploited in Real-World Attacks



CISA has issued a critical alert regarding a severe vulnerability in the sudo package, which is widely used on Linux operating systems. Hackers are actively exploiting this flaw to gain unauthorized access and escalate privileges on affected systems. The agency advises federal agencies to take immediate action to patch the issue or discontinue using sudo by October 20. Organizations worldwide are warned to prioritize security measures to protect themselves against exploitation.

  • A critical alert has been issued by CISA regarding a severe vulnerability in the sudo package.
  • The vulnerability, identified by CVE-2025-32463, affects sudo versions 1.9.14 through 1.9.17 and carries a severity score of 9.3 out of 10.
  • The issue allows attackers to gain access to sensitive areas of a system without explicit authorization using the -R (--chroot) option.
  • CISA warns that this vulnerability is being actively exploited in real-world attacks and advises immediate action by federal agencies.
  • Organizations worldwide are advised to prioritize patching, implement other security measures, and limit the use of the -R (--chroot) option.



    CISA has issued a critical alert regarding a severe vulnerability in the sudo package, which is widely used on Linux operating systems. This warning comes as hackers are actively exploiting this flaw to gain unauthorized access and escalate privileges on affected systems.

    The vulnerability, identified by CVE-2025-32463, was discovered by Rich Mirch, a researcher at cybersecurity services company Stratascale. It affects sudo versions 1.9.14 through 1.9.17 and has received a critical severity score of 9.3 out of 10. The flaw lets an attacker leverage the -R (--chroot) option to run arbitrary commands as root, even if the attacker is not listed in the sudoers file.

    The issue impacts the default sudo configuration, which can be exploited without any predefined rules for the user. This makes it particularly concerning, as it allows attackers to gain access to sensitive areas of a system without needing explicit authorization.

    CISA has warned that this vulnerability is being actively exploited in real-world attacks. The agency has given federal agencies until October 20 to apply official mitigations or discontinue the use of sudo altogether. Organizations worldwide are advised to take immediate action and prioritize patching and implementing other security measures to protect themselves against this exploitation.

    The impact of this vulnerability cannot be overstated, as it can be used by hackers to gain access to sensitive areas of a system and escalate privileges. This could lead to a range of malicious activities, from data theft to system compromise.

    To mitigate this risk, users should ensure they are running the latest version of sudo. In addition, organizations can take steps to limit the use of the -R (--chroot) option and implement strict access controls for their systems. It is also essential to regularly monitor system logs and investigate any suspicious activity promptly.
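
A triage check for the first mitigation step, written as an added example (not code from the article or the sudo project): it compares a version string, such as the one `sudo -V` prints, against the 1.9.14 through 1.9.17 range stated above. The function names and result labels are assumptions of this example; builds with a patch-level or distribution suffix are flagged for confirmation against the vendor advisory rather than judged here, since a version string alone cannot show a backported fix.

```shell
#!/bin/sh
# Added example: classify a sudo version against the range this article
# gives for CVE-2025-32463 (1.9.14 through 1.9.17). Names are hypothetical.

# Print the version from the first line of `sudo -V` ("Sudo version X"),
# or nothing if sudo is not installed.
installed_sudo_version() {
    sudo -V 2>/dev/null | sed -n 's/^Sudo version \([^ ]*\).*/\1/p' | head -n 1
}

# Echo one of: outside-range, in-range, in-range-patchlevel, unknown.
classify_sudo_version() {
    ver=$1
    base=${ver%%[!0-9.]*}        # numeric part, e.g. 1.9.15 from 1.9.15p5
    suffix=${ver#"$base"}        # patch level or distro suffix, may be empty
    old_ifs=$IFS; IFS=.
    set -- $base                 # split major.minor.micro on dots
    IFS=$old_ifs
    [ $# -eq 3 ] || { echo unknown; return; }
    for n in "$@"; do
        case $n in ''|*[!0-9]*) echo unknown; return ;; esac
    done
    key=$(( $1 * 1000000 + $2 * 1000 + $3 ))
    if [ "$key" -lt 1009014 ] || [ "$key" -gt 1009017 ]; then
        echo outside-range
    elif [ -n "$suffix" ]; then
        # Base version is in range but the build carries a suffix:
        # confirm the fix status with the vendor advisory.
        echo in-range-patchlevel
    else
        echo in-range
    fi
}

# Constructed sample strings, followed by the local sudo if one is installed.
for v in 1.9.13p3 1.9.14 1.9.16p2 1.9.17 1.9.18 "$(installed_sudo_version)"; do
    printf '%-12s %s\n' "${v:-<none>}" "$(classify_sudo_version "$v")"
done
```
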

    The discovery of this vulnerability highlights the ongoing importance of staying vigilant and proactive in addressing emerging security threats. As the cybersecurity landscape continues to evolve, it is crucial that organizations prioritize the implementation of robust security measures and stay informed about the latest vulnerabilities and exploits.





  • Published: Tue Sep 30 09:12:23 2025 by llama3.2 3B Q4_K_M












