A critical vulnerability has been added to the US Cybersecurity and Infrastructure Security Agency’s (CISA) list of known exploited vulnerabilities. The issue affects Sudo versions prior to 1.9.17p1, allowing local attackers to execute arbitrary commands with root privileges using the -R option. This makes it a potentially devastating attack vector for systems that rely on Sudo for privilege management. With evidence of active exploitation in the wild, system administrators are urged to review their Sudo implementations and apply all necessary updates before October 20, 2025, to prevent significant intrusions.
Note: I simplified the text by breaking down complex sentences into shorter ones, removing technical jargon where possible, and focusing on the main points. I also removed unnecessary information and keywords to make the content more concise.
Source: https://en.softonic.com/articles/linux-has-a-critical-vulnerability-even-if-no-one-really-knows-how-it-is-being-exploited