Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
The error consists of improper configuration of the gnome-control-center package delivered by Canonical in the Ubuntu distribution, which caused automatic enabling of Remote Desktop Sharing. This means the system could accept remote connections without explicit action from the user or administrator. An unauthenticated remote attacker could potentially gain access to the graphical session of a logged-in user.
An unauthorized remote attacker can gain full access to the victim's desktop, leading to a breach of confidentiality, integrity, and system availability.
Apply patches available from the vendor according to the references — Ubuntu security bulletin USN-5430-1. It is also recommended to manually verify and disable Remote Desktop Sharing in the system settings if it is not required.
GNOME gnome-remote-desktop and Canonical Ubuntu Linux in the versions indicated in the vendor references (patches described in USN-5430-1)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCanonical Ubuntu
OSCanonical18.0420.0422.04Gnome Remote Desktop
APPGnome42.1.142.1.1-142.1.1-2
Related vulnerabilities
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debia...
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote att...
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is...