
Mia-0

#29818 of 53,635
8.8 Total CVSS
Vulnerabilities · 1
PT-2024-24358
8.8
2024-04-12
Netdata · Netdata · CVE-2024-32019
**Name of the Vulnerable Software and Affected Versions**

Netdata versions prior to 1.45.3
Netdata versions prior to 1.45.2-169

**Description**

Netdata is an open source observability tool. The `ndsudo` tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. `ndsudo` is packaged as a `root`-owned executable with the SUID bit set. It only runs a restricted set of external commands, but it resolves them through the search paths supplied by the `PATH` environment variable. This lets an attacker control where `ndsudo` looks for those commands, which may be a directory the attacker can write to, and may lead to local privilege escalation. The number of potentially affected devices worldwide is not stated explicitly, but Netdata's popularity (over 68k stars on GitHub) means that many systems could be at risk.

**Recommendations**

For Netdata versions prior to 1.45.3, upgrade to version 1.45.3 or later.
For Netdata versions prior to 1.45.2-169, upgrade to version 1.45.2-169 or later.
As a temporary workaround, restrict the `PATH` environment variable so that an attacker cannot control where `ndsudo` looks for external commands.
Avoid using the `ndsudo` tool until the issue is resolved.
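The following audit helper is an added example and is not Netdata's own code or tooling. It turns the two affected-version lines above into a check a defender can run against an installed agent, and it reports whether a given `ndsudo` binary carries the SUID bit and whether the caller's `PATH` contains writable directories (the combination the advisory describes). It assumes the version formats used in the advisory (stable `X.Y.Z`, nightly `X.Y.Z-N`) and a default `ndsudo` location that may differ between packagings.

```shell
#!/bin/sh
# Added audit example for CVE-2024-32019 (not Netdata's own code).
# Affected per the advisory: stable < 1.45.3, nightly < 1.45.2-169.

# vercmp A B: compare dotted numeric versions; prints -1, 0 or 1.
vercmp() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai=${a%%.*}; bi=${b%%.*}
    [ -z "$ai" ] && ai=0
    [ -z "$bi" ] && bi=0
    if [ "$ai" -lt "$bi" ]; then echo -1; return; fi
    if [ "$ai" -gt "$bi" ]; then echo 1; return; fi
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
  done
  echo 0
}

# netdata_affected VERSION: exit 0 if VERSION is in the affected range,
# exit 1 if it carries the fix. A leading "v" is tolerated.
# Nightly builds are assumed to look like 1.45.2-169 (base-buildnumber).
netdata_affected() {
  v=${1#v}
  case $v in
    *-*)
      base=${v%%-*}; build=${v#*-}
      case $(vercmp "$base" "1.45.2") in
        -1) return 0 ;;   # older base than the fixed nightly line
        1)  return 1 ;;   # newer base than the fixed nightly line
      esac
      [ "$build" -lt 169 ]   # same base: fixed from build 169 on
      ;;
    *)
      [ "$(vercmp "$v" "1.45.3")" = -1 ]
      ;;
  esac
}

# is_suid FILE: exit 0 if FILE has the set-user-ID bit, the property that
# makes a PATH-driven command lookup dangerous.
is_suid() {
  [ -u "$1" ]
}

# path_writable_dirs PATHVALUE: print each entry of PATHVALUE that the
# current user can write to (an empty entry means the current directory).
path_writable_dirs() {
  printf '%s\n' "$1" | tr ':' '\n' | while IFS= read -r d; do
    [ -z "$d" ] && d=.
    [ -w "$d" ] && printf '%s\n' "$d"
  done
}

# audit VERSION [NDSUDO]: one-line verdicts for an installed agent.
# The default NDSUDO path is an assumption and may differ per packaging.
audit() {
  ver=$1
  bin=${2:-/usr/libexec/netdata/plugins.d/ndsudo}
  if netdata_affected "$ver"; then
    echo "netdata $ver: affected by CVE-2024-32019, upgrade per the advisory"
  else
    echo "netdata $ver: carries the fix"
  fi
  if [ -e "$bin" ] && is_suid "$bin"; then
    echo "$bin is SUID; writable PATH entries: $(path_writable_dirs "$PATH" | tr '\n' ' ')"
  fi
}

# Usage: sh audit.sh 1.45.2 [/path/to/ndsudo]
[ $# -ge 1 ] && audit "$@"
```

Run it with the version string the installed agent reports; the SUID and `PATH` lines only tell you whether the workaround (a restricted `PATH`) is in place, not whether the binary itself is patched, so the version check remains the authoritative signal.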