CVE-2025-65807

8.4 HIGH

📋 TL;DR

This vulnerability in the sd command-line tool, v1.0.0 and earlier, allows attackers to escalate privileges to root via specially crafted commands. It affects systems where sd is installed and accessible to users with limited privileges. The vulnerability enables local privilege escalation attacks.

💻 Affected Systems

Products:
  • sd command-line tool
Versions: v1.0.0 and earlier
Operating Systems: Linux, Unix-like systems
Default Config Vulnerable: ⚠️ Yes
Notes: Affects systems where sd is installed and accessible to non-root users. The vulnerability is in the tool's privilege handling.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with root access, allowing attackers to install persistent backdoors, access all data, and control the entire system.

🟠 Likely Case

Local privilege escalation where a low-privileged user gains root access, potentially leading to lateral movement within the network.

🟢 If Mitigated

Limited impact if proper privilege separation and access controls prevent unauthorized users from executing sd commands.

🌐 Internet-Facing: LOW - This is primarily a local privilege escalation vulnerability requiring local access to the system.
🏢 Internal Only: HIGH - Internal users with access to vulnerable systems can exploit this to gain root privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to the system and the ability to execute the sd command. The GitHub gist reference likely contains proof-of-concept code.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v1.0.1 or later

Vendor Advisory: https://github.com/chmln/sd

Restart Required: No

Instructions:

1. Check current sd version: sd --version
2. Update sd using package manager: sudo apt update && sudo apt upgrade sd (Debian/Ubuntu) or equivalent for your distribution
3. Alternatively, download latest release from GitHub: https://github.com/chmln/sd/releases

🔧 Temporary Workarounds

Remove setuid/setgid permissions (Linux)

Remove special privileges from the sd binary to prevent privilege escalation:

sudo chmod u-s,g-s $(which sd)

Restrict sd command access (Linux)

Limit which users can execute the sd command:

sudo chmod 750 $(which sd)
sudo chown root:trustedgroup $(which sd)

🧯 If You Can't Patch

  • Remove sd command from systems where it's not essential
  • Implement strict access controls and monitor for suspicious privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check sd version (prints "vulnerable" when the reported version is 1.0.0 or lower; the version string is extracted from the output of sd --version and compared with sort -V):
ver=$(sd --version | grep -oE '[0-9]+(\.[0-9]+)+' | head -n1); printf '%s\n' "$ver" 1.0.0 | sort -V | tail -n1 | grep -qxF 1.0.0 && echo vulnerable

Check Version:

sd --version

Verify Fix Applied:

Verify that sd --version reports 1.0.1 or later.

📡 Detection & Monitoring

Log Indicators:

  • Unusual privilege escalation attempts
  • sd command execution with suspicious arguments
  • Failed sudo/su attempts followed by sd usage

Network Indicators:

  • Not applicable - local privilege escalation

SIEM Query:

process.name="sd" AND user.name!="root"
