Home > Vulnerability Database > CVE-2025-32462

Mend.io Vulnerability Database

CVE-2025-32462

Good to know:

Date: June 29, 2025

Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.

Severity Score

2.8

Related Resources (15)

Url: https://ubuntu.com/security/notices/USN-7604-1

Url: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32462

Url: https://access.redhat.com/security/cve/cve-2025-32462

Url: https://www.sudo.ws/releases/changelog/

Url: https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host

Url: https://lists.debian.org/debian-security-announce/2025/msg00118.html

Url: https://explore.alas.aws.amazon.com/CVE-2025-32462.html

Url: https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/

Url: https://security-tracker.debian.org/tracker/CVE-2025-32462

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-32462

Url: https://www.sudo.ws/security/advisories/

Url: https://www.openwall.com/lists/oss-security/2025/06/30/2

Url: https://www.sudo.ws/security/advisories/host_any/

Url: https://www.suse.com/security/cve/CVE-2025-32462.html

Url: https://www.mend.io/vulnerability-database/CVE-2025-32462

Severity Score

2.8

Weakness Type (CWE)

Incorrect Authorization

CWE-863

Top Fix

Upgrade Version

Upgrade to version https://github.com/sudo-project/sudo.git - v1.9.17p1

Learn More

CVSS v3.1

Base Score:	2.8
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	CHANGED
Confidentiality (C):	NONE
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-32462

Good to know:

Date: June 29, 2025

Severity Score

Related Resources (15)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?