Cyber Resilience

CVE-2022-1736

Critical

Published: 31 January 2025

Modified: 26 August 2025
KEV Added
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0054 (68.0th percentile)
Risk Priority: 20 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-1736 is a critical-severity vulnerability, with an unspecified weakness type, in GNOME gnome-remote-desktop. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique External Remote Services (T1133). The CVE ranks in the top 32.0% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-17 (Remote Access) and CM-6 (Configuration Settings).

Deeper analysis

CVE-2022-1736 is a vulnerability in Ubuntu's configuration of gnome-control-center that allowed Remote Desktop Sharing to be enabled by default. This issue affects Ubuntu systems using the gnome-control-center component, with related involvement from gnome-remote-desktop, as documented in the associated Launchpad bug report.

The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), enabling remote exploitation over the network by unauthenticated attackers with low attack complexity and no user interaction. Attackers can achieve high impacts on confidentiality, integrity, and availability, potentially gaining unauthorized remote access to the desktop session due to the default-enabled sharing feature.

Ubuntu security advisories provide mitigation details, including patches in USN-5430-1. Additional information on fixes and affected versions is available at https://ubuntu.com/security/CVE-2022-1736 and https://ubuntu.com/security/notices/USN-5430-1, along with the bug tracker at https://bugs.launchpad.net/ubuntu/+source/gnome-remote-desktop/+bug/1973028.

EU & UK References

Vulnerability details

Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques AI

T1133 · External Remote Services · Persistence
Adversaries may leverage external-facing remote services to initially access and/or persist within a network.
T1021.001 · Remote Desktop Protocol · Lateral Movement
Adversaries may use [Valid Accounts](https://attack.
Why these techniques?

Default-enabled remote desktop sharing directly exposes an unauthenticated remote service for initial access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-3888 (Same product: Canonical Ubuntu Linux)
CVE-2025-33208 (Same product: Canonical Ubuntu Linux)
CVE-2025-26466 (Same product: Canonical Ubuntu Linux)
CVE-2025-14551 (Same vendor: Canonical)
CVE-2023-0881 (Same vendor: Canonical)
CVE-2025-15480 (Same vendor: Canonical)
CVE-2025-0928 (Same vendor: Canonical)
CVE-2026-34178 (Same vendor: Canonical)
CVE-2026-32693 (Same vendor: Canonical)
CVE-2026-49238 (Same vendor: Canonical)

Affected Assets

Vendor: gnome · Product: gnome-remote-desktop · Versions: 42.1.1, 42.1.1-1, 42.1.1-2
Vendor: canonical · Product: ubuntu linux · Versions: 18.04, 20.04, 22.04

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Mandates secure configuration settings that disable unnecessary features like default-enabled Remote Desktop Sharing in gnome-control-center.

prevent

Restricts systems to least functionality required, preventing default enabling of remote desktop sharing that exposes systems to unauthorized access.

prevent

Establishes and enforces usage restrictions and secure configurations for remote access, mitigating default-enabled Remote Desktop Sharing without authentication.

References