CVE-2025-9615
LowCVSS 3.3Exploitation Probability (EPSS)
Low risk6th percentile — higher than 6% of all known CVEs
Summary
A flaw in NetworkManager allows non-root users to access files owned by other users when configuring the network. The daemon runs with root privileges and can read files belonging to users other than the one who added the connection.
Risk Assessment
The organization is at risk of confidential data leakage from network configuration files that unauthorized users may access.
Recommendation
Update NetworkManager to the latest patched version and restrict access permissions to network configuration files.
Original NVD description (English source)
A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection.

