The Human Connection Blog

New CTI Lab: CVE-2025-32463 (Sudo Chroot Elevation of Privilege): Offensive

benhopkins
3 days ago

Today, Immersive's Container 7 Research Team have released a new CTI lab covering a critical vulnerability in sudo that allows an attacker to elevate their privileges on a local machine.

On June 30, 2025, the Stratascale Cyber Research Unit (CRU) team identified a critical local privilege escalation vulnerability in sudo, tracked as CVE-2025-32463. This vulnerability, related to sudo's chroot option, can allow an attacker to escalate privileges to root on an affected system. 

Why should our customers care?

This critical vulnerability is reasonably trivial to exploit, and should an attacker gain user-level access to a vulnerable machine, they'll be able to elevate their privileges and have full control over the machine.

It has come to our attention that not many people are aware that sudo has versioning. It is a binary that is constantly iterated upon, which naturally may introduce new vulnerabilities. If administrators and security analysts are not aware of how these vulnerabilities work, this can lead to significant risks and impacts.

Who is it for?

  • Red Teamers
  • Penetration Testers
  • System Administrators

Here is a link to the lab: https://iml.immersivelabs.online/labs/cve-2025-32463-sudo-chroot-elevation-of-privilege-offensive

Published 3 days ago
Version 1.0