Security features bypass in gnome-control-center - CVE-2022-1736
Published: May 18, 2022 / Updated: May 27, 2022
Vulnerability identifier: #VU63410
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-1736
CWE-ID: CWE-254
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
gnome-control-center
gnome-control-center
Software vendor:
Gnome Development Team
Gnome Development Team
Description
The vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to GNOME Settings incorrectly handles the remote
desktop sharing configuration. When turning off desktop sharing, it will be turned on again after reboot.
Remediation
Install update from vendor's website.