CVE Catalog

CVE-2025-9615

LowCVSS 3.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.16%

6th percentile — higher than 6% of all known CVEs

Summary

A flaw in NetworkManager allows non-root users to access files owned by other users when configuring the network. The daemon runs with root privileges and can read files belonging to users other than the one who added the connection.

Risk Assessment

The organization is at risk of confidential data leakage from network configuration files that unauthorized users may access.

Recommendation

Update NetworkManager to the latest patched version and restrict access permissions to network configuration files.

Original NVD description (English source)

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS