Run an elevated Pneuma instance using CVE-2019-14287

A problem in the way sudo implemented executing commands with arbitrary user IDs was discovered. If a sudoers item is created to let the attacker to perform a command as any user other than root, the attacker can use this issue to circumvent that restriction. In this TTP we exploit this vulnerability to run an elevated Pneuma instance.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
Is my host protected against CVE-2019-14287?


A TTP that exploits CVE-2019-14287 on Linux and MacOS machines