The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in the Sudo command-line utility to its Known Exploited Vulnerabilities catalog, confirming it is being actively exploited. The vulnerability, tracked as CVE-2025-32463, affects Sudo versions prior to 1.9.17p1 and has a CVSS score of 9.3. This security gap could permit a local attacker to use the -R (chroot) option to execute arbitrary commands with root privileges, bypassing the sudoers file restrictions.
While specific details of the in-the-wild attacks are not yet public, the issue poses a significant risk to Linux and Unix-like systems. CISA's catalog also included four other recently exploited flaws: a server-side request forgery in Adminer (CVE-2021-21311), a buffer overflow in Cisco IOS (CVE-2025-20352), a deserialization flaw in Fortra GoAnywhere MFT (CVE-2025-10035), and a command injection vulnerability in Libraesva Email Security Gateway (CVE-2025-59689).
Federal Civilian Executive Branch agencies are required to apply patches or other mitigations by October 20, 2025, to protect their networks. This directive underscores the urgent need for organizations to address these specific vulnerabilities promptly.
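For triage against the remediation deadline, the following added example (not part of the original article) sorts hosts by whether their reported Sudo version is older than 1.9.17p1, the affected range stated above. The hostnames, version banners and function names are constructed for illustration.

```python
import re

# First fixed release named in the article, as (major, minor, patch, p-level).
FIXED = (1, 9, 17, 1)
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")

def parse_sudo_version(text):
    """Extract a comparable tuple from a `sudo -V` banner or a bare version string."""
    m = _VERSION_RE.search(text)
    if m is None:
        return None
    # A missing pN suffix sorts before p1, so "1.9.17" < "1.9.17p1".
    return tuple(int(g) if g else 0 for g in m.groups())

def needs_update(text):
    """True if older than 1.9.17p1, False if not, None if unparseable."""
    version = parse_sudo_version(text)
    return None if version is None else version < FIXED

def triage(inventory):
    """Sort hosts into update / ok / review buckets."""
    buckets = {"update": [], "ok": [], "review": []}
    for host, banner in sorted(inventory.items()):
        verdict = needs_update(banner)
        key = "review" if verdict is None else ("update" if verdict else "ok")
        buckets[key].append(host)
    return buckets

# Constructed sample inventory: host -> first line of `sudo -V` as collected.
# Caveat: a distro package may carry a backported fix under an older upstream
# version string, so confirm "update" hits against the vendor advisory.
SAMPLE = {
    "web01": "Sudo version 1.9.15p5",
    "db01": "Sudo version 1.9.17p1",
    "build01": "Sudo version 1.9.17",
    "legacy01": "Sudo version 1.8.31",
    "edge01": "Sudo version 1.9.17p2",
    "appliance01": "sudo: command not found",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

Hosts in the review bucket returned no parseable version and need a manual check.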
