diff --git a/rules/linux/lnx_sudo_cve_2019_14287.yml b/rules/linux/lnx_sudo_cve_2019_14287.yml
index 1d442332..97527ab6 100644
--- a/rules/linux/lnx_sudo_cve_2019_14287.yml
+++ b/rules/linux/lnx_sudo_cve_2019_14287.yml
@@ -22,12 +22,15 @@ level: critical
 detection:
 selection_keywords:
 - '* -u#-1*'
+ - '* -u#-01*'
+ - '* -u#-001*'
+ - '* -u#-000*'
 - '* -u#4294967295*'
 condition: selection_keywords
 ---
 detection:
 selection_user:
 USER:
- - '#-1'
+ - '#-*'
 - '#4294967295'
 condition: selection_user
\ No newline at end of file
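Review bot: The three added keyword patterns (`'* -u#-01*'`, `'* -u#-001*'`, `'* -u#-000*'`) enumerate zero-padding depth by hand, while the `selection_user` document in the same hunk handles the same problem with a single wildcard, `'#-*'`. Replacing the four negative-ID keyword entries with one `- '* -u#-*'` would keep the two selections consistent and remove the reliance on `-000*` as the catch-all for deeper padding. The `4294967295` entries get no padding treatment in either selection, so a zero-padded spelling of that value would presumably go unmatched if sudo parses it the same way; that is worth confirming and either covering or noting in a comment as out of scope. Because `'#-*'` now matches any negative ID rather than only -1, the rule's description and false-positive notes (outside this hunk) should be checked to make sure they still describe what the rule fires on.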