Sudo security update to version 1.9.17p1 (MINDBREEZE36510)

ID: MINDBREEZE36510 
Affected Components: Mindbreeze InSpire, Mindbreeze InSpire SaaS 
Severity: 7.8 High 
Status: Final 
First published: August 26, 2025 
CVEs:  CVE-2025-32462, CVE-2025-32463 

Summary 

• Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
• Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. 

Hotfix Information 

Fixed with following versions of Mindbreeze InSpire On-Premises or Mindbreeze InSpire SaaS: 

• Mindbreeze InSpire 25.4 Hotfix 1 Release
• Mindbreeze InSpire SaaS 25.4 Hotfix 1 Release