File Access Flaw in NetworkManager by Red Hat
CVE-2025-9615

3.3LOW

Key Information:

Vendor

Red Hat
Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Vendor
CVE Published:
26 January 2026

What is CVE-2025-9615?

A security issue in NetworkManager allows non-root users to potentially access files owned by other users due to improper permissions. The NetworkManager daemon, which runs with elevated privileges, is designed to enable users to manage network configurations without administrative rights. However, this flaw can inadvertently expose sensitive files, leading to unauthorized data access and privacy concerns. It is crucial for system administrators to review configurations and apply necessary patches to mitigate this risk.

References

https://access.redhat.com/security/cve/CVE-2025-9615
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2391503
issue-trackingx_refsource_REDHAT
https://gitlab.freedesktop.org/NetworkManager/NetworkMana...

CVSS V3.0

Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.