CVE-2025-32955: Security mechanism bypass in Harden-Runner Github Action
Blog post from Sysdig
CVE-2025-32955 is a vulnerability in the Harden-Runner GitHub Action, a widely used security tool for CI/CD pipelines, that allowed its disable-sudo protection to be bypassed so that a workflow job could run commands as root without the action noticing. The flaw, found by the Sysdig Threat Research Team and patched in v2.12.0, stems from the fact that disable-sudo only strips the runner user's sudo rights, while on Linux runners that user remains a member of the docker group. Membership in the docker group is effectively root on the host: a container started with the host filesystem bind-mounted can write to it as root, which is enough to recreate the runner's sudoers entry and restore sudo. An attacker who already has code execution inside a job could therefore silently undo the hardening and regain elevated privileges. Users should update to the latest version; the case also shows that a protection running inside the same pipeline it guards is itself a supply-chain attack target.
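The precondition described above (sudo removed for the job user, but the user still in the docker group) can be checked on a runner with a few lines of shell. The script below is an added example for this page, not code from the Sysdig post or from the Harden-Runner project. It classifies a runner from two observations, prints the bind-mount command an attacker would use to write the sudoers fragment back (as a dry run, never executed), and then audits the current host. The group name "docker", the user name "runner" and the path /etc/sudoers.d/<user> are assumptions about the runner image.

```shell
#!/usr/bin/env bash
# Added example (not from the Sysdig post or Harden-Runner): audit a Linux CI
# runner for the CVE-2025-32955 precondition and show, without running it,
# the container command that undoes a disable-sudo style hardening.
# Assumptions: group is named "docker", sudo rights live in /etc/sudoers.d/<user>.

# Return 0 if "docker" appears in a whitespace-separated group list
# (the format printed by `id -nG`).
in_docker_group() {
  local g
  # intentional word splitting of $1 into individual group names
  for g in $1; do
    [ "$g" = "docker" ] && return 0
  done
  return 1
}

# Classify the runner from two observations:
#   $1 = "yes" if `sudo -n true` succeeds for the job user, otherwise "no"
#   $2 = the job user's group list
# Prints exactly one of: sudo-available | bypassable-via-docker | hardened
hardening_verdict() {
  local sudo_works="$1" groups="$2"
  if [ "$sudo_works" = "yes" ]; then
    echo "sudo-available"
  elif in_docker_group "$groups"; then
    echo "bypassable-via-docker"
  else
    echo "hardened"
  fi
}

# Dry-run string of the bypass pattern: any docker-group member can bind-mount
# the host root into a container and write a sudoers fragment as root.
# Printed for understanding and detection only; nothing here executes it.
restore_sudoers_cmd() {
  local user="$1"
  echo "docker run --rm -v /:/host alpine sh -c \"echo '$user ALL=(ALL) NOPASSWD:ALL' > /host/etc/sudoers.d/$user && chmod 0440 /host/etc/sudoers.d/$user\""
}

# Read-only live check of the host this script runs on.
audit_current_user() {
  local sudo_works groups
  if sudo -n true >/dev/null 2>&1; then sudo_works=yes; else sudo_works=no; fi
  groups="$(id -nG)"
  hardening_verdict "$sudo_works" "$groups"
}

# Constructed sample observations: a runner where sudo was removed but the
# job user kept its docker group membership.
sample_groups="runner adm docker"
echo "sample runner: $(hardening_verdict no "$sample_groups")"   # bypassable-via-docker
echo "bypass command would be: $(restore_sudoers_cmd runner)"
echo "this host: $(audit_current_user)"
```

Run it as the job user on a self-hosted runner (or as a step in a test workflow); the "hardened" verdict requires both conditions, since removing sudo alone leaves the docker-group path open.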