Lucene search
TalosCVELIST:CVE-2023-25774HistoryOct 12, 2023 - 3:27 p.m.
CVE-2023-25774
2023-10-1215:27:53
CWE-400
talos
www.cve.org
3
cve-2023-25774
vpnserver
connectionaccept()
denial of service
softether vpn 5.02
malicious packets
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
21.7%
A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connections can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.
CNA Affected
[
{
"vendor": "SoftEther VPN",
"product": "SoftEther VPN",
"versions": [
{
"version": "5.01.9674",
"status": "affected"
},
{
"version": "5.02",
"status": "affected"
}
]
}
]Related
vulnrichment
vulnrichment
CVE-2023-25774
2023-10-12 15:27:53
talos
talos
SoftEther VPN vpnserver ConnectionAccept() denial-of-service vulnerability
2023-10-12 00:00:00
prion
prion
Denial of service
2023-10-12 16:15:00
nvd
nvd
CVE-2023-25774
2023-10-12 16:15:11
cve
cve
CVE-2023-25774
2023-10-12 16:15:11
talosblog
talosblog
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
21.7%
Related for CVELIST:CVE-2023-25774