CVE-2025-32462
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 30/06/2025
Last modified: 09/07/2025
Description
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Impact
Base Score 3.x: 2.80
Severity 3.x: LOW
References to Advisories, Solutions, and Tools
- https://www.openwall.com/lists/oss-security/2025/06/30/2
- https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
- https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
- https://www.sudo.ws/releases/changelog/
- https://www.sudo.ws/security/advisories/