Back to Blog
Products and Tools

Metasploit Weekly Wrap-Up 08/22/2025

Brendan Watters
Brendan Watters
|Last updated on Aug 22, 2025|xx min read
Metasploit Weekly Wrap-Up 08/22/2025

An Early Festivus Airing of Grievances

Want to tell us how much you like us? (We hope!) Want to tell us how much you hate us? (We hope not!) We are somewhat familiar with the reclusive security expert lifestyle, as it is our own, but we are asking our users and non-users to steel themselves and take a survey to let us know how we can make Metasploit better: https://docs.google.com/forms/d/e/1FAIpQLSd9fgpXmyHOYViSaS6jK_6f1Y1nVSU_eA4UH-fWKYeO5HLvww/viewform

New module content (1)

Netdata ndsudo privilege escalation

Authors: mia-0 and msutovsky-r7

Type: Exploit Pull request: #20460 contributed by msutovsky-r7 

Path: linux/local/ndsudo_cve_2024_32019 

AttackerKB reference: CVE-2024-32019

Description: Adds a module for CVE-2024-32019 - privilege escalation for ndsudo.

Enhancements and features (3)

  • #20457 from adfoster-r7 - Updates modules that reference a Kerberos credential cache path or PKCS12 certificate to support reading from a file on disk, or a database id with the syntax id:123.
  • #20469 from adfoster-r7 - Improves Kerberos file load error messages. Users are now told when setting an invalid Kerberos krb5ccname credential cache file why it is not suitable for use in a module, e.g. being expired, mismatched realm, sname, etc.
  • #20471 from zeroSteiner - Adds an enhancement to the ldap_esc_vulnerable_cert_finder module. The module will now check for enrollment permissions on both the template and CA server, meaning users can filter their results to only show templates that are vulnerable and that they have the necessary permissions to enroll in; this can be done using the new REPORT datastore option.

Bugs fixed (1)

  • #20485 from adfoster-r7 - Removes an errant call to a non-existent super method under a specific set of conditions.

Documentation added (1)

  • #20429 from jphamgithub - Update and Consolidate Communication Channels in Documentation.

You can always find more documentation on our docsite at docs.metasploit.com.

Get it

As always, you can update to the latest Metasploit Framework with msfupdate and you can get more details on the changes since the last blog post from GitHub:

If you are a git user, you can clone the Metasploit Framework repo (master branch) for the latest. To install fresh without using git, you can use the open-source-only Nightly Installers or the commercial edition Metasploit Pro

LinkedInFacebookXBluesky

Article Tags

Brendan Watters
Brendan Watters
Author Posts

Related blog posts