{"id":222665,"date":"2025-09-30T04:27:19","date_gmt":"2025-09-30T09:27:19","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/09\/cisa-sounds-alarm-on-critical-sudo-flaw-actively-exploited-in-linux-and-unix-systems"},"modified":"2025-09-30T04:27:19","modified_gmt":"2025-09-30T09:27:19","slug":"cisa-sounds-alarm-on-critical-sudo-flaw-actively-exploited-in-linux-and-unix-systems","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/09\/cisa-sounds-alarm-on-critical-sudo-flaw-actively-exploited-in-linux-and-unix-systems","title":{"rendered":"CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/cisa-sounds-alarm-on-critical-sudo-flaw-actively-exploited-in-linux-and-unix-systems.jpg\"><\/a><\/p>\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2025\/09\/29\/cisa-adds-five-known-exploited-vulnerabilities-catalog\" rel=\"noopener\" target=\"_blank\">added<\/a> a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (<a href=\"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog\" rel=\"noopener\" target=\"_blank\">KEV<\/a>) catalog, citing evidence of active exploitation in the wild.<\/p>\n<p>The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1. It was <a href=\"https:\/\/thehackernews.com\/2025\/07\/critical-sudo-vulnerabilities-let-local.html\" rel=\"noopener\" target=\"_blank\">disclosed<\/a> by Stratascale researcher Rich Mirch back in July 2025.<\/p>\n<p>\u201cSudo contains an inclusion of functionality from an untrusted control sphere vulnerability,\u201d CISA said. 
\u201cThis vulnerability could allow a local attacker to leverage sudo\u2019s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Linux and Unix-like operating systems to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-222665","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/222665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=222665"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/222665\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=222665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=222665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=222665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":
true}]}}