Networkmanager: networkmanager file access_CVE-2025-9615

3.3 / 10

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

Basic Information

ID CVE-2025-9615

Source redhat

Published Jan 26, 2026 at 19:58

Modified Jan 26, 2026 at 20:15

Affected Product

Vendor Red Hat

Product Red Hat Enterprise Linux 10

CWE Classification

CWE-281

References

{
    "lastseen": "",
    "description": "A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.",
    "published": "2026-01-26T19:58:17.401Z",
    "modified": "2026-01-26T20:15:40.818Z",
    "type": "cve",
    "title": "Networkmanager: networkmanager file access",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2025-9615\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2391503\nhttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1809\nhttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2324\nhttps://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2327",
    "id": "CVE-2025-9615",
    "bulletinFamily": "",
    "cwe": [
        "CWE-281"
    ],
    "cvelist": null,
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 3.3,
        "severity": "LOW",
        "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Red Hat Enterprise Linux 10",
    "version": "",
    "vendor": "Red Hat",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}