CVE-2010-1646 [Medium] | Security Vulnerability in Sudo

CVE-2010-1646 is rated Exploit Available (52.8/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.46%). 2 public exploit reference(s) are indexed (Exploit-DB). Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

EDB-ID	Source	Kind	Published	Link
—	nvd_ref	exploit_tag		Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

EDB-ID

Source

Kind

Published

Link

—

nvd_ref

exploit_tag

Exploit-DB ↗

—

nvd_ref

exploit_tag

Exploit-DB ↗

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	0.08%	0.46%	+0.38%
2	2025-03-17	0.04%	0.08%	+0.03%
3	2023-03-07	—	0.04%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

0.08%

0.46%

+0.38%

2025-03-17

0.04%

0.08%

+0.03%

2023-03-07

—

0.04%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.2	2.0	MEDIUM	`AV:L/AC:H/Au:N/C:C/I:C/A:C` Click to expand Access vector (AV:L) Requires local access to the target system. Access complexity (AC:H) Exploitation requires uncommon or highly specific conditions. Authentication (AU:N) No authentication is required. Confidentiality impact (C:C) Complete confidentiality impact. Integrity impact (I:C) Complete integrity impact. Availability impact (A:C) Complete availability impact.	1.9	10.0	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.2

2.0

MEDIUM

AV:L/AC:H/Au:N/C:C/I:C/A:C Click to expand

Access vector (AV:L): Requires local access to the target system.
Access complexity (AC:H): Exploitation requires uncommon or highly specific conditions.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:C): Complete confidentiality impact.
Integrity impact (I:C): Complete integrity impact.
Availability impact (A:C): Complete availability impact.

1.9

10.0

[email protected]

OS Trackers for CVE-2010-1646

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2010-1646 not yet assigned priority: Debian including 1 source packages (sudo), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2010-1646
`gentoo`	high	CVE-2010-1646: 1 GLSA(s) (201009-03), 1 atom(s) (app-admin/sudo); latest impact high.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2010-1646
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2010-1646
`suse`	medium	CVE-2010-1646 severity moderate: SUSE including 29 source package names (sudo, sudo-1.8.10p3-1.62, …), 119 product×package rows across 76 product lines (HPE Helion OpenStack 8, SUSE CaaS Platform 4.0, … (76 product lines)): Known Not Affected 83, Fixed 36.	https://www.suse.com/security/cve/CVE-2010-1646/
`ubuntu`	medium	CVE-2010-1646 medium priority: Ubuntu including 1 source packages (sudo), 6 status rows across 6 suites (dapper, hardy, jaunty, karmic, lucid, upstream): released 6.	https://ubuntu.com/security/CVE-2010-1646

Affected software / configurations for CVE-2010-1646

Vendor	Product	Version	Raw CPE
todd_miller	sudo	1.3.1	cpe:2.3:a:todd_miller:sudo:1.3.1:::::::*
todd_miller	sudo	1.6	cpe:2.3:a:todd_miller:sudo:1.6:::::::*
todd_miller	sudo	1.6.1	cpe:2.3:a:todd_miller:sudo:1.6.1:::::::*
todd_miller	sudo	1.6.2	cpe:2.3:a:todd_miller:sudo:1.6.2:::::::*
todd_miller	sudo	1.6.2p1	cpe:2.3:a:todd_miller:sudo:1.6.2p1:::::::*
todd_miller	sudo	1.6.2p2	cpe:2.3:a:todd_miller:sudo:1.6.2p2:::::::*
todd_miller	sudo	1.6.2p3	cpe:2.3:a:todd_miller:sudo:1.6.2p3:::::::*
todd_miller	sudo	1.6.3	cpe:2.3:a:todd_miller:sudo:1.6.3:::::::*
todd_miller	sudo	1.6.3p1	cpe:2.3:a:todd_miller:sudo:1.6.3p1:::::::*
todd_miller	sudo	1.6.3p2	cpe:2.3:a:todd_miller:sudo:1.6.3p2:::::::*
todd_miller	sudo	1.6.3p3	cpe:2.3:a:todd_miller:sudo:1.6.3p3:::::::*
todd_miller	sudo	1.6.3p4	cpe:2.3:a:todd_miller:sudo:1.6.3p4:::::::*
todd_miller	sudo	1.6.3p5	cpe:2.3:a:todd_miller:sudo:1.6.3p5:::::::*
todd_miller	sudo	1.6.3p6	cpe:2.3:a:todd_miller:sudo:1.6.3p6:::::::*
todd_miller	sudo	1.6.3p7	cpe:2.3:a:todd_miller:sudo:1.6.3p7:::::::*
todd_miller	sudo	1.6.4	cpe:2.3:a:todd_miller:sudo:1.6.4:::::::*
todd_miller	sudo	1.6.4p1	cpe:2.3:a:todd_miller:sudo:1.6.4p1:::::::*
todd_miller	sudo	1.6.4p2	cpe:2.3:a:todd_miller:sudo:1.6.4p2:::::::*
todd_miller	sudo	1.6.5	cpe:2.3:a:todd_miller:sudo:1.6.5:::::::*
todd_miller	sudo	1.6.5p1	cpe:2.3:a:todd_miller:sudo:1.6.5p1:::::::*
todd_miller	sudo	1.6.5p2	cpe:2.3:a:todd_miller:sudo:1.6.5p2:::::::*
todd_miller	sudo	1.6.6	cpe:2.3:a:todd_miller:sudo:1.6.6:::::::*
todd_miller	sudo	1.6.7	cpe:2.3:a:todd_miller:sudo:1.6.7:::::::*
todd_miller	sudo	1.6.7p1	cpe:2.3:a:todd_miller:sudo:1.6.7p1:::::::*
todd_miller	sudo	1.6.7p2	cpe:2.3:a:todd_miller:sudo:1.6.7p2:::::::*
todd_miller	sudo	1.6.7p3	cpe:2.3:a:todd_miller:sudo:1.6.7p3:::::::*
todd_miller	sudo	1.6.7p4	cpe:2.3:a:todd_miller:sudo:1.6.7p4:::::::*
todd_miller	sudo	1.6.7p5	cpe:2.3:a:todd_miller:sudo:1.6.7p5:::::::*
todd_miller	sudo	1.6.8	cpe:2.3:a:todd_miller:sudo:1.6.8:::::::*
todd_miller	sudo	1.6.8p1	cpe:2.3:a:todd_miller:sudo:1.6.8p1:::::::*
todd_miller	sudo	1.6.8p2	cpe:2.3:a:todd_miller:sudo:1.6.8p2:::::::*
todd_miller	sudo	1.6.8p3	cpe:2.3:a:todd_miller:sudo:1.6.8p3:::::::*
todd_miller	sudo	1.6.8p4	cpe:2.3:a:todd_miller:sudo:1.6.8p4:::::::*
todd_miller	sudo	1.6.8p5	cpe:2.3:a:todd_miller:sudo:1.6.8p5:::::::*
todd_miller	sudo	1.6.8p6	cpe:2.3:a:todd_miller:sudo:1.6.8p6:::::::*
todd_miller	sudo	1.6.8p7	cpe:2.3:a:todd_miller:sudo:1.6.8p7:::::::*
todd_miller	sudo	1.6.8p8	cpe:2.3:a:todd_miller:sudo:1.6.8p8:::::::*
todd_miller	sudo	1.6.8p9	cpe:2.3:a:todd_miller:sudo:1.6.8p9:::::::*
todd_miller	sudo	1.6.8p10	cpe:2.3:a:todd_miller:sudo:1.6.8p10:::::::*
todd_miller	sudo	1.6.8p11	cpe:2.3:a:todd_miller:sudo:1.6.8p11:::::::*
todd_miller	sudo	1.6.8p12	cpe:2.3:a:todd_miller:sudo:1.6.8p12:::::::*
todd_miller	sudo	1.6.9	cpe:2.3:a:todd_miller:sudo:1.6.9:::::::*
todd_miller	sudo	1.6.9p1	cpe:2.3:a:todd_miller:sudo:1.6.9p1:::::::*
todd_miller	sudo	1.6.9p2	cpe:2.3:a:todd_miller:sudo:1.6.9p2:::::::*
todd_miller	sudo	1.6.9p3	cpe:2.3:a:todd_miller:sudo:1.6.9p3:::::::*
todd_miller	sudo	1.6.9p4	cpe:2.3:a:todd_miller:sudo:1.6.9p4:::::::*
todd_miller	sudo	1.6.9p5	cpe:2.3:a:todd_miller:sudo:1.6.9p5:::::::*
todd_miller	sudo	1.6.9p6	cpe:2.3:a:todd_miller:sudo:1.6.9p6:::::::*
todd_miller	sudo	1.6.9p7	cpe:2.3:a:todd_miller:sudo:1.6.9p7:::::::*
todd_miller	sudo	1.6.9p8	cpe:2.3:a:todd_miller:sudo:1.6.9p8:::::::*
todd_miller	sudo	1.6.9p9	cpe:2.3:a:todd_miller:sudo:1.6.9p9:::::::*
todd_miller	sudo	1.6.9p10	cpe:2.3:a:todd_miller:sudo:1.6.9p10:::::::*
todd_miller	sudo	1.6.9p11	cpe:2.3:a:todd_miller:sudo:1.6.9p11:::::::*
todd_miller	sudo	1.6.9p12	cpe:2.3:a:todd_miller:sudo:1.6.9p12:::::::*
todd_miller	sudo	1.6.9p13	cpe:2.3:a:todd_miller:sudo:1.6.9p13:::::::*
todd_miller	sudo	1.6.9p14	cpe:2.3:a:todd_miller:sudo:1.6.9p14:::::::*
todd_miller	sudo	1.6.9p15	cpe:2.3:a:todd_miller:sudo:1.6.9p15:::::::*
todd_miller	sudo	1.6.9p16	cpe:2.3:a:todd_miller:sudo:1.6.9p16:::::::*
todd_miller	sudo	1.6.9p17	cpe:2.3:a:todd_miller:sudo:1.6.9p17:::::::*
todd_miller	sudo	1.6.9p18	cpe:2.3:a:todd_miller:sudo:1.6.9p18:::::::*
todd_miller	sudo	1.6.9p19	cpe:2.3:a:todd_miller:sudo:1.6.9p19:::::::*
todd_miller	sudo	1.6.9p20	cpe:2.3:a:todd_miller:sudo:1.6.9p20:::::::*
todd_miller	sudo	1.6.9p21	cpe:2.3:a:todd_miller:sudo:1.6.9p21:::::::*
todd_miller	sudo	1.6.9p22	cpe:2.3:a:todd_miller:sudo:1.6.9p22:::::::*
todd_miller	sudo	1.7.0	cpe:2.3:a:todd_miller:sudo:1.7.0:::::::*
todd_miller	sudo	1.7.1	cpe:2.3:a:todd_miller:sudo:1.7.1:::::::*
todd_miller	sudo	1.7.2	cpe:2.3:a:todd_miller:sudo:1.7.2:::::::*
todd_miller	sudo	1.7.2p1	cpe:2.3:a:todd_miller:sudo:1.7.2p1:::::::*
todd_miller	sudo	1.7.2p2	cpe:2.3:a:todd_miller:sudo:1.7.2p2:::::::*
todd_miller	sudo	1.7.2p3	cpe:2.3:a:todd_miller:sudo:1.7.2p3:::::::*
todd_miller	sudo	1.7.2p4	cpe:2.3:a:todd_miller:sudo:1.7.2p4:::::::*
todd_miller	sudo	1.7.2p5	cpe:2.3:a:todd_miller:sudo:1.7.2p5:::::::*
todd_miller	sudo	1.7.2p6	cpe:2.3:a:todd_miller:sudo:1.7.2p6:::::::*
todd_miller	sudo	1.7.2p7	cpe:2.3:a:todd_miller:sudo:1.7.2p7:::::::*

References for CVE-2010-1646

URL	Tags
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042838.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043012.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043026.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/40002	Vendor Advisory
http://secunia.com/advisories/40188
http://secunia.com/advisories/40215
http://secunia.com/advisories/40508
http://secunia.com/advisories/43068
http://security.gentoo.org/glsa/glsa-201009-03.xml
http://wiki.rpath.com/Advisories:rPSA-2010-0075
http://www.debian.org/security/2010/dsa-2062
http://www.mandriva.com/security/advisories?name=MDVSA-2010:118
http://www.osvdb.org/65083
http://www.redhat.com/support/errata/RHSA-2010-0475.html
http://www.securityfocus.com/archive/1/514489/100/0/threaded
http://www.securityfocus.com/bid/40538
http://www.securitytracker.com/id?1024101
http://www.sudo.ws/repos/sudo/rev/3057fde43cf0	Exploit Patch
http://www.sudo.ws/repos/sudo/rev/a09c6812eaec	Exploit Patch
http://www.sudo.ws/sudo/alerts/secure_path.html	Vendor Advisory
http://www.vupen.com/english/advisories/2010/1452
http://www.vupen.com/english/advisories/2010/1478
http://www.vupen.com/english/advisories/2010/1518
http://www.vupen.com/english/advisories/2010/1519
http://www.vupen.com/english/advisories/2011/0212
https://bugzilla.redhat.com/show_bug.cgi?id=598154
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10580
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7338

URL

CVE-2010-1646

Public exploit references (Exploit-DB) for CVE-2010-1646

Exploit prediction scoring system (EPSS) score for CVE-2010-1646

Common vulnerability scoring system (CVSS) metrics for CVE-2010-1646

Weakness enumeration for CVE-2010-1646

OS Trackers for CVE-2010-1646

Affected software / configurations for CVE-2010-1646

References for CVE-2010-1646