CVE-2025-32463: Sudo Inclusion of Functionality from Untrusted Control
Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability. Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow a local attacker to leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.
- CISA KEV-listed (remediation due 2025-10-20)
- EPSS 57.3% (98.2% percentile)