While the documentation explicitly states that the host option should only work “in conjunction with the -l (--list) option,” the vulnerability allows malicious actors to execute privileged commands by specifying remote host rules that bypass local security restrictions. When a user executes commands like sudo -h dev.test.local -i or sudoedit -h ci.test.local /etc/passwd, the system incorrectly treats remote host rules as valid for the local machine, effectively circumventing intended access controls and granting unauthorized root privileges. The vulnerability identified as CVE-2025-32462 allows unauthorized users to gain root access on affected systems by exploiting the Sudo host option functionality. A significant security vulnerability discovered in the widely used Sudo utility has remained hidden for over 12 years, potentially exposing millions of Linux and Unix systems to privilege escalation attacks. The Stratascale Cyber Research Unit (CRU) team discovered this critical flaw, which has been present since the implementation of the -h (--host) option in Sudo version 1.8.8, released in September 2013. 12-Year-Old Vulnerability: CVE-2025-32462 in Sudo's -h option has allowed root escalation since 2013.
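A detection sketch for the pattern described above, added here as an example and not taken from the article or the Sudo project: it flags sudo or sudoedit invocations that pass -h/--host without -l/--list. It assumes process-execution telemetry is available as argv lists; the function names and sample events are constructed for illustration.

```python
import os

# Options that consume a value, per sudo's manual (assumption: this list is complete enough).
SHORT_ARG = set("CDghpRrTtUu")
LONG_ARG = {"close-from", "chdir", "group", "host", "prompt", "chroot",
            "role", "type", "command-timeout", "other-user", "user"}

def host_option_misuse(argv):
    """Return the -h/--host value when it is used without -l/--list, else None."""
    if not argv or os.path.basename(argv[0]) not in ("sudo", "sudoedit"):
        return None
    host, listing, i = None, False, 1
    while i < len(argv):
        arg = argv[i]
        if arg in ("-", "--") or not arg.startswith("-"):
            break                      # the command starts here; its flags are not sudo's
        if arg.startswith("--"):
            name, eq, val = arg[2:].partition("=")
            if name in LONG_ARG and not eq:
                i += 1                 # value given as the next argument
                val = argv[i] if i < len(argv) else ""
            if name == "list":
                listing = True
            elif name == "host":
                host = val
        else:
            for pos, flag in enumerate(arg[1:], start=2):
                if flag == "l":
                    listing = True
                elif flag in SHORT_ARG:
                    val = arg[pos:]    # value glued to the flag, e.g. -hdev.test.local
                    if not val:
                        i += 1
                        val = argv[i] if i < len(argv) else ""
                    if flag == "h":
                        host = val
                    break
        i += 1
    return host if host and not listing else None  # bare "sudo -h" is help, not a host

# Constructed sample events (argv as recorded by process auditing).
SAMPLE_EVENTS = [
    ["sudo", "-h", "dev.test.local", "-i"],
    ["/usr/bin/sudoedit", "-h", "ci.test.local", "/etc/passwd"],
    ["sudo", "-l", "-h", "dev.test.local"],   # documented use, not flagged
    ["sudo", "ls", "-h", "/var/log"],         # -h belongs to ls, not flagged
]

def flagged(events):
    return [(e, h) for e in events if (h := host_option_misuse(e))]
```

Running `flagged(SAMPLE_EVENTS)` returns the first two events with the host name each one requested.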
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Jul 2025 10:10:21 +0000