Platform: linux
Component: dde-control-center
Fixed in: 6.1.36, 5.5.4, 2.0.2
CVE-2026-35207 is a vulnerability in dde-control-center, specifically in the plugin-deepinid component that manages the Deepin ID cloud service. Because TLS certificate verification is skipped when avatars are downloaded, a man-in-the-middle (MITM) attacker can intercept that traffic and replace user avatars with malicious or misleading images, potentially leading to user identification. The vulnerability affects versions from 5.5.3 on the 5.x branch and versions from 6.1.35 up to, but not including, 6.1.80; it is resolved in dde-control-center 6.1.80 and 5.9.9.
The primary impact of CVE-2026-35207 is the potential for user impersonation and phishing attacks. An attacker positioned between the user and openapi.deepin.com (or other providers) can intercept avatar requests and substitute them with malicious images. This could be used to display misleading information, trick users into performing actions they wouldn't otherwise take, or even identify users based on their avatar. While the vulnerability doesn't directly lead to code execution or data breaches, the social engineering possibilities are significant, particularly in environments where users rely on visual cues for authentication or trust.
This vulnerability was publicly disclosed on 2026-04-09. There are currently no known public proof-of-concept exploits available. The EPSS score is likely low to medium, given the requirement for an MITM position and the limited direct impact. It is not currently listed on the CISA KEV catalog.
Users of Deepin Desktop Environment who rely on the dde-control-center for managing their Deepin ID cloud service are at risk. This includes users on systems running affected versions of dde-control-center, particularly those in environments where network traffic is potentially susceptible to interception.
• linux / server: journalctl -f -u dde-control-center | grep -i "tls certificate verification"
• linux / server: ps aux | grep deepinid
• generic web: Use a network sniffer (e.g., Wireshark) to monitor traffic to openapi.deepin.com and look for connections without proper TLS certificate validation.
Disclosure
Exploit status
EPSS: 0.02% (4th percentile)
CISA SSVC
CVSS vector
The recommended mitigation for CVE-2026-35207 is to immediately upgrade dde-control-center to version 6.1.80 or 5.9.9. These versions address the TLS certificate verification issue. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) or proxy to enforce strict TLS certificate validation for traffic to openapi.deepin.com. Monitor network traffic for suspicious avatar replacements. After the upgrade, confirm the fix by verifying that TLS certificate verification is enabled for avatar requests using network analysis tools.
Update the dde-control-center package to version 6.1.80 or later, or to version 5.9.9 if you are running a version older than 6.1.35. This update fixes the misconfiguration that allowed TLS certificate verification to be skipped when downloading avatars, and so reduces the risk of man-in-the-middle attacks.
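The misconfiguration described above is a client that accepts any server certificate when it fetches an avatar. The following added example (not dde-control-center's code, which is not written in Python) shows the weak TLS client setting beside the corrected one in Python's standard ssl module, together with a guard that refuses to send an avatar request at all unless the context actually verifies the peer. The host name is the one the advisory names; the function names and the guard are this example's own.

```python
"""Constructed example: skipped TLS certificate verification (the weak setting)
beside the hardened setting, plus a fail-closed check a client can run before
downloading an avatar. Not code from dde-control-center or the Deepin project."""
import ssl
import urllib.request

AVATAR_HOST = "openapi.deepin.com"  # avatar provider named in the advisory


def weak_context() -> ssl.SSLContext:
    """The misconfiguration: every certificate is accepted and the host name is
    never checked, so an on-path attacker presenting a forged certificate can
    serve a substitute avatar without the client noticing."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False        # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE   # skip chain validation entirely
    return ctx


def hardened_context() -> ssl.SSLContext:
    """The fix: validate the chain against the system trust store, require the
    certificate to match the requested host name, and refuse pre-1.2 TLS."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def verifies_peer(ctx: ssl.SSLContext) -> bool:
    """True only if both chain validation and host name matching are enabled;
    a context with either one disabled is vulnerable to MITM substitution."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def fetch_avatar(url: str, ctx: ssl.SSLContext, timeout: float = 10.0) -> bytes:
    """Download an avatar over HTTPS, failing closed if the supplied context
    would not verify the server (guards against the weak setting creeping back)."""
    if not url.startswith("https://"):
        raise ValueError("avatar URL must use https")
    if not verifies_peer(ctx):
        raise ssl.SSLError("refusing to fetch avatar: certificate verification is disabled")
    with urllib.request.urlopen(url, context=ctx, timeout=timeout) as resp:
        return resp.read()


if __name__ == "__main__":
    # Hypothetical avatar path; the verified download needs network access.
    print("weak context verifies peer:", verifies_peer(weak_context()))
    print("hardened context verifies peer:", verifies_peer(hardened_context()))
    try:
        fetch_avatar(f"https://{AVATAR_HOST}/avatar.png", weak_context())
    except ssl.SSLError as exc:
        print("refused:", exc)
```

The guard in fetch_avatar is the part worth copying into a regression test: it makes the vulnerable setting a hard failure at request time rather than something only a packet capture would reveal.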
CVE-2026-35207 is a vulnerability in dde-control-center allowing an attacker to replace user avatars due to skipped TLS certificate verification, potentially leading to user identification.
You are affected if you are using dde-control-center versions from 5.5.3 on the 5.x branch, or versions from 6.1.35 up to, but not including, 6.1.80. Upgrade to 6.1.80 or 5.9.9 to resolve the issue.
Upgrade dde-control-center to version 6.1.80 or 5.9.9. As a temporary workaround, implement a WAF to enforce TLS certificate validation.
There are currently no known active exploits for CVE-2026-35207, but the potential for MITM attacks exists.
Refer to the Deepin project's security advisories for the official advisory regarding CVE-2026-35207.