CVE-2012-1096

MEDIUM

NetworkManager <0.9 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-1096. PoCs published by Ludwig.

AI-analyzed exploit summary This exploit leverages a local arbitrary file-access vulnerability in GNOME NetworkManager by interacting with the D-Bus interface to read arbitrary files. It demonstrates the vulnerability by enumerating wireless access points and their properties.

Description

NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ludwig · pythonlocallinux

https://www.exploit-db.com/exploits/36887

View Code ZIP pw:eip

This exploit leverages a local arbitrary file-access vulnerability in GNOME NetworkManager by interacting with the D-Bus interface to read arbitrary files. It demonstrates the vulnerability by enumerating wireless access points and their properties.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: GNOME NetworkManager 0.6, 0.7, 0.9

No auth needed

Prerequisites: Local access to the system · NetworkManager running with D-Bus interface exposed

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory x_refsource_misc

https://security-tracker.debian.org/tracker/CVE-2012-1096

Issue Tracking, Third Party Advisory x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1096

Issue Tracking, Third Party Advisory x_refsource_misc

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-1096

Third Party Advisory x_refsource_misc

https://access.redhat.com/security/cve/cve-2012-1096

Mailing List, Third Party Advisory x_refsource_misc

http://www.openwall.com/lists/oss-security/2012/03/02/3

Issue Tracking, Vendor Advisory x_refsource_misc

https://bugzilla.gnome.org/show_bug.cgi?id=793329

Scores

CVSS v3 5.5

EPSS 0.0071

EPSS Percentile 48.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-295

Status published

Products (4)

debian/debian_linux 8.0

debian/debian_linux 9.0

debian/debian_linux 10.0

gnome/networkmanager < 0.9.0

Published Mar 10, 2020

Tracked Since Feb 18, 2026