How severe is CVE-2025-32955?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6 out of 10.

What type of vulnerability is CVE-2025-32955?

This is classified as CWE-268, which is a common weakness in software security.

CVE-2025-32955 - MEDIUM Severity | CVSS 6

Vulnerability Description

Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Versions from 0.12.0 to before 2.12.0 are vulnerable to `disable-sudo` bypass. Harden-Runner includes a policy option `disable-sudo` to prevent the GitHub Actions runner user from using sudo. This is implemented by removing the runner user from the sudoers file. However, this control can be bypassed as the runner user, being part of the docker group, can interact with the Docker daemon to launch privileged containers or access the host filesystem. This allows the attacker to regain root access or restore the sudoers file, effectively bypassing the restriction. This issue has been patched in version 2.12.0.

Related Vulnerabilities

CVE-2024-1250

MEDIUM

CVSS:6.5(Medium)

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to...

CWE-2682024

CVE-2023-0759

MEDIUM

CVSS:5.3(Medium)

Privilege Chaining in GitHub repository cockpit-hq/cockpit prior to 2.3.8.

CWE-2682023

CVE-2023-2250

MEDIUM

CVSS:6.7(Medium)

A flaw was found in the Open Cluster Management (OCM) when a user have access to the worker nodes which has the cluster-manager-registration-controller or cluster-manager deployments. A malicious user...

CWE-2682023

CVE-2025-20112

MEDIUM

CVSS:5.1(Medium)

A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vu...

CWE-2682025

CVE-2022-1003

MEDIUM

CVSS:4.9(Medium)

One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions, which allows the system administrators to combine the two distinct privileges/capabilities in a way th...

CWE-2682022

CVE-2023-20194

MEDIUM

CVSS:4.9(Medium)

A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerabilit...

CWE-2682023