CVE-2025-46718: CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere in trifectatechfoundation sudo-rs
sudo-rs is a memory-safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list the sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. Attackers can collect information that can be used for more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability.
AI Analysis
Technical Summary
CVE-2025-46718 is a vulnerability identified in sudo-rs, a Rust-based, memory-safe reimplementation of the traditional sudo and su utilities. The flaw exists in versions prior to 0.2.6 and allows users with limited sudo privileges—specifically those permitted to execute only a single command—to enumerate the sudo privileges of other users by leveraging the `-U` flag. This enumeration exposes sensitive system information, namely the sudoers file contents, which detail user permissions and command execution rights. The vulnerability is classified under CWE-497, which pertains to the exposure of sensitive system information to unauthorized control spheres. The issue arises because the sudo-rs implementation did not sufficiently restrict access to the privilege listing functionality, thereby allowing limited-privilege users to gain insight into the sudo configuration beyond their authorized scope. Notably, systems where users either lack sudo privileges entirely or have unrestricted sudo access (the default on many systems) are not affected. The vulnerability has a CVSS v3.1 base score of 3.3, indicating a low severity level, with an attack vector of local access, low complexity, requiring privileges but no user interaction, and impacts confidentiality only without affecting integrity or availability. No known exploits are reported in the wild, and the issue is resolved in version 0.2.6 of sudo-rs.
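The authorisation decision at the heart of this advisory, as an added illustrative model that is not sudo-rs code: a `-U <target>` listing request is evaluated once with the permissive pre-0.2.6 behaviour described above (any sudo grant lets you list anyone) and once with the restricted rule (listing another user requires root or an ALL grant). The `Grant`/`Request` types, the `grant_for` rule evaluator and the sample sudoers-style rules are assumptions constructed for the example.

```rust
// Added example (not from the sudo-rs project): simplified model of the `-U` check.
#[derive(Clone, Copy, PartialEq, Debug)]
enum Grant {
    None,    // user has no sudoers entry at all
    Limited, // user may run specific commands only
    All,     // user may run ALL commands
}

struct Request<'a> {
    invoker: &'a str,
    invoker_grant: Grant,
    target: &'a str, // user named with `-U`
}

/// Derive a user's grant from constructed sudoers-style (user, command) rules.
fn grant_for(rules: &[(&str, &str)], user: &str) -> Grant {
    let mut grant = Grant::None;
    for (u, cmd) in rules {
        if *u != user { continue; }
        if *cmd == "ALL" { return Grant::All; }
        grant = Grant::Limited;
    }
    grant
}

/// Pre-0.2.6 behaviour as the advisory describes it: holding any grant is enough
/// to list any other user's privileges (CWE-497 information exposure).
fn may_list_vulnerable(r: &Request) -> bool {
    r.invoker_grant != Grant::None
}

/// Restricted rule: root or an ALL grant may list anyone; a limited user may
/// list only their own privileges.
fn may_list_fixed(r: &Request) -> bool {
    if r.invoker == "root" { return true; }
    if r.invoker == r.target { return r.invoker_grant != Grant::None; }
    r.invoker_grant == Grant::All
}

fn main() {
    // Constructed sample policy: alice may only restart one service, bob has ALL.
    let rules = [("alice", "/usr/bin/systemctl restart nginx"), ("bob", "ALL")];
    let req = Request { invoker: "alice", invoker_grant: grant_for(&rules, "alice"), target: "bob" };
    println!("vulnerable allows: {}", may_list_vulnerable(&req)); // true
    println!("fixed allows:      {}", may_list_fixed(&req));      // false
}
```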
Potential Impact
For European organizations, the primary impact of this vulnerability lies in the potential exposure of sudo privilege configurations, which could aid attackers in crafting more targeted privilege escalation or lateral movement attacks. While the vulnerability does not directly allow privilege escalation or system compromise, the disclosure of sudoers file information can facilitate reconnaissance efforts by malicious insiders or compromised low-privilege accounts. This could lead to more effective exploitation of other vulnerabilities or misconfigurations. Organizations with strict role-based access controls and limited sudo privileges per user are more likely to be affected, as the vulnerability specifically targets scenarios where users have restricted sudo command execution rights. However, organizations that rely on traditional sudo implementations or grant broad sudo access may not be impacted. Given the low CVSS score and absence of known exploits, the immediate risk is limited, but the exposure of sensitive permission data could contribute to a broader attack chain if combined with other vulnerabilities or social engineering tactics.
Mitigation Recommendations
European organizations using sudo-rs should upgrade to version 0.2.6 or later to remediate this vulnerability. Beyond patching, administrators should audit sudo configurations to ensure that users have the minimum necessary privileges and that privilege assignments are tightly controlled. Implementing strict monitoring and logging of sudo command usage can help detect anomalous privilege enumeration attempts. Additionally, organizations should consider restricting access to systems running sudo-rs to trusted users only and employ multi-factor authentication to reduce the risk of compromised accounts being leveraged to exploit this vulnerability. Since the vulnerability requires local access with limited sudo privileges, enforcing strong endpoint security controls and user behavior analytics can further mitigate risk. Finally, educating users about the risks of privilege enumeration and encouraging prompt reporting of suspicious activities can enhance overall security posture.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Norway, Denmark
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-04-28T20:56:09.083Z
- Cisa Enriched: true
- Cvss Version: 3.1
- State: PUBLISHED
Threat ID: 682d9816c4522896dcbd6819
Added to database: 5/21/2025, 9:08:38 AM
Last enriched: 7/12/2025, 2:47:05 AM
Last updated: 8/1/2025, 6:28:41 AM