1 rule found for "Swachchhanda Shrawn Poudel (Nextron Systems)"
Detects the creation of nsswitch.conf files in non-standard directories, which may indicate exploitation of CVE-2025-32463. This vulnerability requires an attacker to create a nsswitch.conf in a directory that will be used during sudo chroot operations. When sudo executes, it loads malicious shared libraries from user-controlled locations within the chroot environment, potentially leading to arbitrary code execution and privilege escalation.