Vulnerability in N/a

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of fil…

EPSS: 0.554 (98.9th percentile)

Affected products

  • N/a — versions n/a

Frequently asked questions

What is CVE-2023-22809?
CVE-2023-22809 is a vulnerability in N/a. Published 2023-01-18.

Is CVE-2023-22809 known to be exploited?
81 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.