EUVD-2025-20867
2025-06-30
[email protected]
2.8
CVSS 3.1
CVSS Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
None
Lifecycle Timeline
5
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 16, 2026 - 01:25 vuln.today
EUVD ID Assigned
Mar 16, 2026 - 01:25 euvd
EUVD-2025-20867
PoC Detected
Nov 03, 2025 - 20:18 vuln.today
Public exploit code
CVE Published
Jun 30, 2025 - 21:15 nvd
LOW 2.8
Description
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Analysis
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
Technical Context
This vulnerability is classified as Incorrect Authorization (CWE-863).
Affected Products
Affected products: Sudo Project Sudo
Remediation
Monitor vendor advisories for patches. Apply mitigations such as network segmentation, access restrictions, and monitoring.
Priority Score
51
Low
Medium
High
Critical
KEV: 0
EPSS: +17.4
CVSS: +14
POC: +20
Vendor Status
Ubuntu
Priority: Highsudo
| Release | Status | Version |
|---|---|---|
| jammy | released | 1.9.9-1ubuntu2.5 |
| noble | released | 1.9.15p5-3ubuntu5.24.04.1 |
| oracular | released | 1.9.15p5-3ubuntu5.24.10.1 |
| plucky | released | 1.9.16p2-1ubuntu1.1 |
| bionic | released | 1.8.21p2-3ubuntu1.6+esm1 |
| focal | released | 1.8.31-1ubuntu1.5+esm1 |
| trusty | released | 1.8.9p5-1ubuntu1.5+esm8 |
| xenial | released | 1.8.16-0ubuntu1.10+esm3 |
| upstream | released | 1.9.17p1,1.9.16p2-3 |
Debian
sudo
| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| bullseye | fixed | 1.9.5p2-3+deb11u2 | - |
| bullseye (security) | fixed | 1.9.5p2-3+deb11u3 | - |
| bookworm | fixed | 1.9.13p3-1+deb12u2 | - |
| bookworm (security) | fixed | 1.9.13p3-1+deb12u2 | - |
| trixie | fixed | 1.9.16p2-3+deb13u1 | - |
| forky, sid | fixed | 1.9.17p2-4 | - |
| (unstable) | fixed | 1.9.16p2-3 | - |
Share
External POC / Exploit Code
Leaving vuln.today
Destination URL
POC code from unknown sources may be malicious, contain backdoors, or be fake.
Always review and test exploit code in a safe, isolated environment (VM/sandbox).
Verify the source reputation and cross-reference with known databases (Exploit-DB, GitHub Security).