LetsDefend Monitoring Alert

Local Privilege Escalation via chroot CVE-2025-32463

Jul, 04, 2025, 08:10 AM

Event ID: 319

Event Time: Jul, 04, 2025, 08:10 AM

Rule Name: SOC341 - Local Privilege Escalation via chroot CVE-2025-32463

Alert Type: Privilege Escalation

MITRE Technique:
T1059.004 - Execution - Unix Shell,
T1078 - Initial Access - Valid Accounts,
T1609 - Execution - Container Administration Command,
T1548.003 - Defense Evasion - Abuse Elevation Control Mechanism: Sudo and Sudo Caching

Severity: High

Incident Responder
