CVE-2022-1736
Published: 31 January 2025
Summary
CVE-2022-1736 is a critical-severity an unspecified weakness vulnerability in Gnome Gnome-Remote-Desktop. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique External Remote Services (T1133); ranked in the top 32.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-17 (Remote Access) and CM-6 (Configuration Settings).
Deeper analysis
CVE-2022-1736 is a vulnerability in Ubuntu's configuration of gnome-control-center that allowed Remote Desktop Sharing to be enabled by default. This issue affects Ubuntu systems using the gnome-control-center component, with related involvement from gnome-remote-desktop, as documented in the associated Launchpad bug report.
The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), enabling remote exploitation over the network by unauthenticated attackers with low attack complexity and no user interaction. Attackers can achieve high impacts on confidentiality, integrity, and availability, potentially gaining unauthorized remote access to the desktop session due to the default-enabled sharing feature.
Ubuntu security advisories provide mitigation details, including patches in USN-5430-1. Additional information on fixes and affected versions is available at https://ubuntu.com/security/CVE-2022-1736 and https://ubuntu.com/security/notices/USN-5430-1, along with the bug tracker at https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-25017
Vulnerability details
Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Default-enabled remote desktop sharing directly exposes an unauthenticated remote service for initial access.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Mandates secure configuration settings that disable unnecessary features like default-enabled Remote Desktop Sharing in gnome-control-center.
Restricts systems to least functionality required, preventing default enabling of remote desktop sharing that exposes systems to unauthorized access.
Establishes and enforces usage restrictions and secure configurations for remote access, mitigating default-enabled Remote Desktop Sharing without authentication.