Exploit for #VU21782 Permissions, Privileges, and Access Controls in Sudo

Vulnerability identifier: #VU21782

Vulnerability risk: Low

CVSSv4.0: 6.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2019-14287

CWE-ID: CWE-264

Exploitation vector: Local

Exploits in database: 8

• February 27, 2024
  • exploitables (This is repo of CVE explanations alongside their respecitve explanations.) [Github]
• May 12, 2020
  • vulnerability-exploitation (Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287/Google Android - 'Stagefright' Remote Code Execution - CVE-2015-1538) [Github]
  • Exploit-CVE-2019-14287 (Documentation for Sudo Security Bypass - CVE 2019-14287) [Github]
  • Exploiting-a-Linux-kernel-vulnerability (Local Root vulnerability- CVE-2019-13272 / Security Bypass Vulnerability – CVE-2019-14287) [Github]
  • Sudo-Security-Bypass-Vulnerability-CVE-2019-14287- (This is the exploitation of sudo security bypass vulnerability) [Github]
  • Sudo-Security-Bypass-Vulnerability (This is a brief exploitation of CVE-2019-14287 Sudo Security Bypass Vulnerability. ) [Github]
• March 26, 2020
  • SUDO_KILLER (A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regu [Github]
• March 18, 2020
  • CVE-2019-14287 (Sudo exploit) [Github]

Vulnerable software:
Sudo
Client/Desktop applications / Software for system administration

Vendor: Sudo