PT-2017-17173 · Canonical+3 · Lightdm+4

Frederic Bardy +1 · Published 2017-03-09 · Updated 2019-10-03 · CVE-2017-6590

CVSS v2.0: 6.9 (Medium)

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

network-manager-applet versions 12.04 LTS through 16.10

Description

A local attacker could exploit this issue at the default Ubuntu login screen to access local files and execute arbitrary commands as the lightdm user. The exploitation requires physical access to the locked computer, with Wi-Fi turned on, and an access point that allows certificate-based login. This could allow an attacker to open a Nautilus window, browse directories, and open applications like Firefox, potentially for downloading malicious binaries.

Recommendations

For versions 12.04 LTS through 16.10, consider restricting access to the network-manager-applet at the login screen until a patch is available. As a temporary workaround, disabling Wi-Fi at the login screen or requiring a password for Wi-Fi access could minimize the risk of exploitation.

Exploit

Fix

Incorrect Authorization

Weakness Enumeration

Related Identifiers

CVE-2017-6590
OPENSUSE-SU-2024:10603-1

Affected Products

Debian
Firefox
Lightdm
Nautilus
Network-Manager-Applet