CVE-2026-35535
Severity: HIGH · CVSS 3.1 base score: 7.8 · EPSS: 5.1%
Published: Apr 3, 2026 · Last modified: Jun 17, 2026
Description
In Sudo through 1.9.17p2 (before commit 3e474c2), a failure of a setuid, setgid, or setgroups call during the privilege drop performed before running the mailer is not treated as a fatal error, which can lead to privilege escalation. If the drop fails and execution continues, the mailer is launched with the privileges that should have been given up.
CVSS details
- Base score: 7.8 (CVSS 3.1)
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: High
- Availability: High
Threat intelligence
- EPSS exploit probability: 5.1%
- Known exploit: none known
- Patch: available
Weaknesses (1)
- CWE-271: Privilege Dropping / Lowering Errors
Affected products (6)
| Vendor | Product | Version | Range |
|---|---|---|---|
| sudo_project | sudo | * | <1.9.17 |
| sudo_project | sudo | 1.9.17 | any |
| sudo_project | sudo | 1.9.17 | any |
| sudo_project | sudo | 1.9.17 | any |
| siemens | sinec_os | * | <4.0 |
| siemens | ruggedcom_rst2428p | * | any |
References (6)
- bugs.debian.org https://bugs.debian.org/1130593
- bugs.launchpad.net https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042
- cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-253495.html
- github.com https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69
- lists.debian.org https://lists.debian.org/debian-lts-announce/2026/06/msg00003.html
- qualys.com https://www.qualys.com/2026/03/10/crack-armor.txt
Remediation (fix commit)
- github.com https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69