diff --git a/check_packages2install b/check_packages2install
index b51f28cd95566e2836b8eb2682b06f5e3a097dab..9d6c2cc6cc5f0c6575d42069fb95752fa7628f6d 100755
--- a/check_packages2install
+++ b/check_packages2install
@@ -25,11 +25,12 @@
 # rename package manager functions
 # 2022-10-21 v1.11 <axel.hahn@unibe.ch> remove grep: warning: stray \ before white space
 # 2023-08-24 v1.12 <axel.hahn@unibe.ch> update help; rename to getSecurityCount
+# 2023-10-20 v1.13 ah harden sudo command execution
 # ======================================================================
 . $(dirname $0)/inc_pluginfunctions
-self_APPVERSION=1.12
+self_APPVERSION=1.13
 readonly iWarnDefault=1
 readonly iCriticalDefault=200
@@ -229,6 +230,9 @@ fi
 . "${dir_pkg}/${pkgmanager}.sh" || exit 2
 packagemanOut=$( ${pkgmanager}.getUpdates )
+if grep "sudo: " <<< "$packagemanOut" >/dev/null; then
+ ph.abort "No sudo permissions on ${pkgmanager}?"
+fi
 if [ -z "$packagemanOut" ]; then
 ph.setStatus "critical"
diff --git a/check_packages2install-pkgmanager/apt.sh b/check_packages2install-pkgmanager/apt.sh
index b7c16a6e925be6fbde3de9c8233088358fd67361..d8c1270f875349ea39c19da0e7228b51daf781d0 100644
--- a/check_packages2install-pkgmanager/apt.sh
+++ b/check_packages2install-pkgmanager/apt.sh
@@ -12,13 +12,14 @@
 # 2022-06-07 v1.1 ah remove text "Nothing to install"
 # rename functions
 # 2022-10-21 v1.3 ah remove grep: warning: stray \ before white space
+# 2023-10-20 v1.4 ah harden sudo command execution
 # ===============================================================
 # ---------------------------------------------------------------
 # command to list of updates
 function apt.getUpdates(){
- sudo apt-get -u upgrade --assume-no
+ sudo -n apt-get -u upgrade --assume-no
 }
 # ---------------------------------------------------------------
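Review bot: The new `grep "sudo: "` test in check_packages2install reads only `$packagemanOut`, which is the stdout of `${pkgmanager}.getUpdates`, while sudo writes its refusals (for example when `-n` finds that a password would be required) to stderr. Neither the command substitution nor the getUpdates functions touched by this commit redirect stderr, so unless inc_pluginfunctions merges the streams (not visible here) the abort branch is unlikely to fire and a denied sudo falls through to the `-z "$packagemanOut"` branch as a generic critical. To detect the refusal, capture stderr for the test, e.g. `packagemanOut=$( ${pkgmanager}.getUpdates 2>&1 )`, and anchor the match with `grep -q '^sudo: '` so a package line that merely contains that text cannot trigger it. Check that the later parsing tolerates stderr lines in the captured output; the `if [ -z … ]` block continues outside the hunk.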
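Review bot: `apt-get` is still resolved through PATH in `sudo -n apt-get -u upgrade --assume-no` in apt.sh, whereas yum.sh calls `/usr/bin/yum` by absolute path; `pamac` in pamac.sh has the same bare-name lookup. Writing `sudo -n /usr/bin/apt-get -u upgrade --assume-no` (path as installed on the target distribution) makes the executed binary match the path a sudoers rule has to name anyway and removes the dependency on the monitoring user's PATH or on secure_path being configured. A one-line comment above the function, such as `# needs a NOPASSWD sudoers rule limited to exactly this command line`, would document the privilege this plugin expects.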
diff --git a/check_packages2install-pkgmanager/pamac.sh b/check_packages2install-pkgmanager/pamac.sh
index 5915ce2c62479f000edea1aa7644b0af9693a108..547b98e82f5ca53fa7e58831b78c922cc06d3d21 100644
--- a/check_packages2install-pkgmanager/pamac.sh
+++ b/check_packages2install-pkgmanager/pamac.sh
@@ -10,12 +10,13 @@
 # ah <axel.hahn@iml.unibe.ch>
 # 2022-06-03 v1.0 ah first version
 # 2022-06-07 v1.1 ah rename functions
+# 2023-10-20 v1.2 ah harden sudo command execution
 # ===============================================================
 # ---------------------------------------------------------------
 # command to list of updates
 function pamac.getUpdates(){
- pamac checkupdates
+ sudo -n pamac checkupdates
 }
 # ---------------------------------------------------------------
diff --git a/check_packages2install-pkgmanager/yum.sh b/check_packages2install-pkgmanager/yum.sh
index c3f02c375f54b74d8d657d17cf0130893ae348b1..c875ff7dbdc381aa6175cf0c9ab1077f42608635 100644
--- a/check_packages2install-pkgmanager/yum.sh
+++ b/check_packages2install-pkgmanager/yum.sh
@@ -16,13 +16,14 @@
 # 2023-08-24 v1.4 ah centos9: update getStatusLine() + getSecurityCount
 # 2023-08-25 v1.5 ah centos9: fix package lists
 # 2023-09-12 v1.6 ah almalinux9: fix package lists
+# 2023-10-20 v1.7 ah harden sudo command execution
 # ===============================================================
 # ---------------------------------------------------------------
 # command to list of updates
 function yum.getUpdates(){
- sudo /usr/bin/yum -y check-update
+ sudo -n /usr/bin/yum -y check-update
 }
 # ---------------------------------------------------------------
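Review bot: The changed line in `pamac.getUpdates` adds root where there was none: the previous version ran `pamac checkupdates` as the calling user, and `sudo -n pamac checkupdates` now needs a sudoers rule for pamac and runs the update check with elevated rights. If the unprivileged call worked before, as the removed line suggests, keeping `pamac checkupdates` without sudo is the lower-privilege choice. On hosts without a matching NOPASSWD rule the check will now fail where it used to succeed. If root really is required, state the reason in a comment above the function and call the binary by absolute path, as yum.sh does.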