CVE-2017-6590
MEDIUMUbuntu Linux - Unauthenticated Local File Access and Command Execution via Network Manager Applet
Title source: llmDescription
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer and the Wi-Fi must be turned on. An access point that lets you use a certificate to login is required as well, but it's easy to create one. Then, it's possible to open a nautilus window and browse directories. One also can open some applications such as Firefox, which is useful for downloading malicious binaries.
References (5)
Core 5
Core References
Patch, Vendor Advisory x_refsource_confirm
https://www.ubuntu.com/usn/usn-3217-1/
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201707-09
Issue Tracking, Patch x_refsource_confirm
https://bugs.launchpad.net/ubuntu/+source/network-manager-applet/+bug/1668321
Exploit, Third Party Advisory x_refsource_misc
https://www.youtube.com/watch?v=Fp2lwRVg0l0
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1037977
Scores
CVSS v3
6.3
EPSS
0.0027
EPSS Percentile
18.5%
Attack Vector
PHYSICAL
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-863
Status
published
Products (4)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
16.04
canonical/ubuntu_linux
16.10
Published
Mar 09, 2017
Tracked Since
Feb 18, 2026