Description
A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.
Published: 2026-06-04
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Workaround

To prevent exploitation, ensure NetworkManager is not configured to use the `dhclient` backend. The default configuration on Red Hat Enterprise Linux does not enable `dhclient`. If a custom configuration file, such as `/etc/NetworkManager/conf.d/00-dhcp.conf`, contains `[main] dhcp=dhclient`, remove or comment out this line. After modifying the configuration, restart the NetworkManager service: `sudo systemctl restart NetworkManager` Warning: Restarting the NetworkManager service will temporarily disrupt network connectivity.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 05 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat jboss Enterprise Application Platform Expansion Pack
Redhat multicluster Engine For Kubernetes
Redhat networkmanager
Redhat openshift Container Platform
Vendors & Products Redhat jboss Enterprise Application Platform Expansion Pack
Redhat multicluster Engine For Kubernetes
Redhat networkmanager
Redhat openshift Container Platform

Thu, 04 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 12:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Thu, 04 Jun 2026 05:30:00 +0000

Type Values Removed Values Added
Description A flaw was found in NetworkManager. This local privilege escalation vulnerability exists in NetworkManager's dhclient backend when processing malformed Manufacturer Usage Description (MUD) URLs. A local user can exploit this flaw to escalate privileges by triggering a script via a crafted MUD URL, provided an administrator has explicitly configured NetworkManager to use dhclient. This issue does not affect default configurations of NetworkManager.
Title Networkmanager: networkmanager: local privilege escalation via malformed mud urls in dhclient backend
First Time appeared Redhat
Redhat enterprise Linux
Redhat jbosseapxp
Redhat multicluster Engine
Redhat openshift
Weaknesses CWE-78
CPEs cpe:/a:redhat:jbosseapxp
cpe:/a:redhat:multicluster_engine
cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
Redhat jbosseapxp
Redhat multicluster Engine
Redhat openshift
References
Metrics cvssV3_1

{'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Redhat Enterprise Linux Jboss Enterprise Application Platform Expansion Pack Jbosseapxp Multicluster Engine Multicluster Engine For Kubernetes Networkmanager Openshift Openshift Container Platform
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-06-04T12:39:54.739Z

Reserved: 2026-06-04T05:10:00.738Z

Link: CVE-2026-10805

cve-icon Vulnrichment

Updated: 2026-06-04T12:39:50.111Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-06-04T06:16:21.780

Modified: 2026-06-04T15:35:18.623

Link: CVE-2026-10805

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-06-04T00:00:00Z

Links: CVE-2026-10805 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-06-05T10:09:13Z

Weaknesses