CVE-2025-50054

🗓️ 20 Jun 2025 06:29:01Reported by OpenVPNType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 36 Views

Buffer overflow in OpenVPN versions allows local user to crash system via large control message.

Reporter	Title	Published	Views	Family All 12
BDU FSTEC	The vulnerability of the ovpn-dco-win software driver allows a hacker to trigger a service failure.	24 Jun 202500:00	–	bdu_fstec
Circl	CVE-2025-50054	20 Jun 202507:45	–	circl
CNNVD	OpenVPN ovpn-dco-win 安全漏洞	20 Jun 202500:00	–	cnnvd
Cvelist	CVE-2025-50054	20 Jun 202506:29	–	cvelist
EUVD	EUVD-2025-18726	3 Oct 202520:07	–	euvd
NVD	CVE-2025-50054	20 Jun 202507:15	–	nvd
OpenVAS	OpenVPN Buffer Overflow Vulnerability (Jun 2025) - Windows	24 Jun 202500:00	–	openvas
OSV	CVE-2025-50054	20 Jun 202507:15	–	osv
Positive Technologies	PT-2025-26282 · Openvpn · Openvpn	17 Jun 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-50054	23 Jun 202508:41	–	redhatcve

NVD

Node

openvpn ovpn-dco-winRange≤1.3.0

openvpn ovpn-dco-winRange2.4.0–2.5.8

[
  {
    "vendor": "OpenVPN",
    "product": "ovpn-dco-win",
    "platforms": [
      "Windows"
    ],
    "repo": "https://github.com/OpenVPN/ovpn-dco-win",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "1.3.1",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "2.5.9",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
community	www.community.openvpn.net/Downloads
community	www.community.openvpn.net/Security%20Announcements/CVE-2025-50054

21 Aug 2025 20:39Current

7.3High risk

Vulners AI Score7.3

CVSS 3.15.5

EPSS0.00077

SSVC