CVE-2025-9615

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions strongSwan (affected versions not specified)

Description A local user may be able to authenticate using the credentials of another user if those credentials are locally accessible. This issue affects network-manager in Debian Linux.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-281

Related Identifiers

ALSA-2026:18142

ALSA-2026:18597

BDU:2026-05138

CVE-2025-9615

OESA-2026-1571

OPENSUSE-SU-2025:15822-1

OPENSUSE-SU-2026:10051-1

OPENSUSE-SU-2026:10295-1

OPENSUSE-SU-2026:20547-1

RHSA-2026:18142

RHSA-2026:18597

SUSE-SU-2026:1419-1

SUSE-SU-2026:1420-1

SUSE-SU-2026:1427-1

SUSE-SU-2026:1443-1

SUSE-SU-2026:1821-1

SUSE-SU-2026:21113-1

SUSE-SU-2026:21121-1

SUSE-SU-2026:21203-1

Affected Products

Debian

Red Os

Networkmanager

Strongswan

CVE-2025-9615

Weakness Enumeration

Related Identifiers

Affected Products

References · 59