Vogtinator

**Name of the Vulnerable Software and Affected Versions** SDDM versions prior to 0.17.0 **Description** An issue was discovered where the password is not checked for users with an already existing session if SDDM is configured with ReuseSession=true. This allows any user with access to the system D-Bus to unlock any graphical session. The issue is related to the files daemon/Display.cpp and helper/backend/PamBackend.cpp. **Recommendations** For SDDM versions prior to 0.17.0, consider setting ReuseSession=false as a temporary workaround to prevent unauthorized access to graphical sessions. Restrict access to the system D-Bus to minimize the risk of exploitation.