Security researchers have discovered a vulnerability in “sudo”, the command that allows users to execute commands with root privileges on a Unix-based system. The vulnerability, tracked as CVE-2023-22809, affects sudo versions ≥ 1.8 and < 1.9.12p2. If exploited, a user can make changes to the system that could cause it to become unstable or even inoperable. To exploit the vulnerability, the user must have limited sudo access to at least one file on the system, and the sudoers file must have a rule allowing access to that file. To mitigate the vulnerability, users should update to sudo version 1.9.12p2 or newer, or add the line Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR" to the sudoers file. This removes the environment variables that cause the vulnerability. It’s important to use sudo with caution, as it can be harmful if used improperly.
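The version range and the sudoers workaround described above can be checked together. The following is an added example, not code from the original article or from the sudo project; the function names and the sample sudoers contents are assumptions made for illustration, and the sudoers parsing is deliberately simplified.

```python
import re

# Version bounds and variable names as stated in the text above.
FIRST_AFFECTED = "1.8"
FIRST_FIXED = "1.9.12p2"
EDITOR_VARS = {"SUDO_EDITOR", "VISUAL", "EDITOR"}

def parse_version(text):
    """'1.9.12p1' -> (1, 9, 12, 1); a missing component or patch level is 0."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_affected(version):
    """True for FIRST_AFFECTED <= version < FIRST_FIXED."""
    return parse_version(FIRST_AFFECTED) <= parse_version(version) < parse_version(FIRST_FIXED)

def has_mitigation(sudoers_text):
    """True if active Defaults!sudoedit lines delete all three editor variables.
    Simplified: treats '#' as a comment start and ignores include directives."""
    removed = set()
    for line in sudoers_text.splitlines():
        active = line.split("#", 1)[0].strip()
        m = re.match(r'Defaults!sudoedit\s+env_delete\s*\+=\s*"([^"]*)"', active)
        if m:
            removed.update(m.group(1).split())
    return EDITOR_VARS <= removed

def assess(version, sudoers_text):
    if not is_affected(version):
        return "not affected"
    return "mitigated" if has_mitigation(sudoers_text) else "vulnerable"

# Constructed sample sudoers contents (the user name and file path are made up).
SUDOERS_MITIGATED = '''
Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
alice ALL=(root) sudoedit /etc/example.conf
'''
SUDOERS_COMMENTED_OUT = '''
# Defaults!sudoedit env_delete+="SUDO_EDITOR VISUAL EDITOR"
alice ALL=(root) sudoedit /etc/example.conf
'''

if __name__ == "__main__":
    for ver, conf in [("1.9.12p1", SUDOERS_COMMENTED_OUT),
                      ("1.9.12p1", SUDOERS_MITIGATED),
                      ("1.9.12p2", SUDOERS_COMMENTED_OUT)]:
        print(ver, "->", assess(ver, conf))
```

Pass the bare version number reported by `sudo -V` and the contents of the sudoers file; a workaround line that is commented out or lists only some of the three variables is reported as vulnerable.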
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net).
Source: Medium