CVE-2026-4948 MEDIUM

CVE-2026-4948: Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization

Vendor Red Hat
Product Red Hat Enterprise Linux 10
Weakness CWE-279
Published March 27, 2026
Last update May 15, 2026

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

01 Description

A flaw was found in firewalld. Two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings, are mis-authorized, and a local unprivileged user can exploit this to modify the runtime firewall state without proper authentication. The result is unauthorized changes to network security configurations.

Key dates

02 Disclosure timeline

March 27, 2026 CVE published
May 15, 2026 Record updated