CVE-2025-9615
Published 2026-01-26
Priority: P4 · 16 · low · 3.3 (CVSS 3.0)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS: 0.16% (5.8th percentile)
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | network-manager | < network-manager 1.54.3-1 (forky) | network-manager 1.54.3-1 (forky) |
| network-manager_project | network-manager | >= 0 < 1.54.3-1 | 1.54.3-1 |
CVSS provenance
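| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.0) | 3.3 | LOW | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| osv | 3.3 | LOW | |
| vendor_debian | 3.3 | LOW | |
| vendor_redhat | 3.3 | LOW | |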
OSV
CVE-2025-9615: A flaw was found in NetworkManager
osv·2026-01-26·CVSS 3.3
CVE-2025-9615 [LOW] CVE-2025-9615: A flaw was found in NetworkManager
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
GHSA
GHSA-w24g-6mf8-65cj: A flaw was found in NetworkManager
ghsa_unreviewed·2026-01-26
CVE-2025-9615 [LOW] CWE-281 GHSA-w24g-6mf8-65cj: A flaw was found in NetworkManager
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
Red Hat
NetworkManager: NetworkManager File Access
vendor_redhat·2025-12-12·CVSS 3.3
CVE-2025-9615 [LOW] CWE-281 NetworkManager: NetworkManager File Access
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
Mitigation: SELinux is shipped out of the box in targeted enforcing mode, which prevents processes from having unwanted permission
Debian
CVE-2025-9615: network-manager - A flaw was found in NetworkManager. The NetworkManager package allows access to ...
vendor_debian·2025·CVSS 3.3
CVE-2025-9615 [LOW] CVE-2025-9615: network-manager - A flaw was found in NetworkManager. The NetworkManager package allows access to ...
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
Scope: local
bookworm: open
bullseye: open
forky: resolved (fixed in 1.54.3-1)
sid: resolved (fixed in 1.54.3-1)
trixie: open
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-62291 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.7
CVE-2025-62291 [HIGH] CVE-2025-62291 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-62291: strongSwan vulnerability analysis and mitigation
In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.
Source: NVD
Score: 8.1
Published January 16, 2026
Severity HIGH
CNA Score 8.1
Affected Technologies
strongSwan
Linux Fedora
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.5
Exploitation Probability (EPSS) N/A
Affected packages and libraries
strongswan-debugsource
strongswan-libipsec
Sources
NVD
Alpine 3.20, 3.21, 3.22 Severity HIGH Has Fix Added at: Nov 09, 2025
Alpine
Wiz
CVE-2025-9615 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.7
CVE-2025-9615 [HIGH] CVE-2025-9615 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2025-9615: strongSwan vulnerability analysis and mitigation
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.
Source: NVD
Score: 3.3
Published January 26, 2026
Severity LOW
CNA Score 3.3
Affected Technologies
strongSwan
Linux Debian
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
NetworkManager-config-connectivity-fedora
NetworkManager
Sourc
Wiz
CVE-2026-25075 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.7
CVE-2026-25075 [HIGH] CVE-2026-25075 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-25075: strongSwan vulnerability analysis and mitigation
strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or NULL pointer dereference, crashing the charon IKE daemon.
Source: NVD
Score: 8.7
Published March 23, 2026
Severity HIGH
CNA Score 8.7
Affected Technologies
strongSwan
Linux openSUSE
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EP
Bugzilla
Adaptations for CVE-2025-9615 (NetworkManager)
bugzilla·2026-01-10·CVSS 3.3
CVE-2025-9615 [LOW] Adaptations for CVE-2025-9615 (NetworkManager)
Necessary code adaptations required to conform with NetworkManager, after NetworkManager addressed CVE-2025-9615. The fixes include safer and correct file/certificate access.
Reproducible: Always
Discussion:
See upstream fix at:
https://github.com/danfruehauf/NetworkManager-ssh/pull/137
---
FEDORA-2026-87e30fe05b (NetworkManager-ssh-1.4.3-1.fc45) has been submitted as an update to Fedora 45.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-87e30fe05b
---
FEDORA-2026-87e30fe05b (NetworkManager-ssh-1.4.3-1.fc45) has been pushed to the Fedora 45 stable repository.
If problem still persists, please make note of it in this bug report.
---
FEDORA-2026-7c83223889 (NetworkManager-ssh-1.4.3-1.fc43) has been submitted as an update to Fedora
Bugzilla
CVE-2025-9615 NetworkManager: NetworkManager File Access
bugzilla·2025-08-28·CVSS 3.3
CVE-2025-9615 [LOW] CVE-2025-9615 NetworkManager: NetworkManager File Access
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the network on the system. The daemon runs as root and, as such, is able to access files that are owned by users different from the one who added the connection.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10
Via RHSA-2026:18142 https://access.redhat.com/errata/RHSA-2026:18142
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 9
Via RHSA-2026:18597 https://access.redhat.com/errata/RHSA-2026:18597
https://access.redhat.com/errata/RHSA-2026:18142
https://access.redhat.com/errata/RHSA-2026:18597
https://access.redhat.com/security/cve/CVE-2025-9615
https://bugzilla.redhat.com/show_bug.cgi?id=2391503
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/1809
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2324
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2327
Published 2026-01-26