CVE-2025-13751

🗓️ 03 Dec 2025 16:22:35Reported by OpenVPNType

OpenVPN on Windows 2.5.0 to 2.7_rc2 lets an authenticated local user trigger a service error causing denial of service.

Reporter	Title	Published	Views	Family All 18
AlpineLinux	CVE-2025-13751	3 Dec 202516:22	–	alpinelinux
Chainguard	CVE-2025-13751 vulnerabilities	14 Jan 202619:17	–	cgr
Circl	CVE-2025-13751	3 Dec 202522:59	–	circl
CNNVD	OpenVPN 安全漏洞	3 Dec 202500:00	–	cnnvd
CVE	CVE-2025-13751	3 Dec 202516:22	–	cve
Debian CVE	CVE-2025-13751	3 Dec 202516:22	–	debiancve
EUVD	EUVD-2025-200999	3 Dec 202518:30	–	euvd
NVD	CVE-2025-13751	3 Dec 202517:15	–	nvd
OpenVAS	OpenVPN DoS Vulnerability (Dec 2025) - Windows	3 Dec 202500:00	–	openvas
OSV	ALPINE-CVE-2025-13751	3 Dec 202517:15	–	osv

[
  {
    "vendor": "OpenVPN",
    "product": "OpenVPN",
    "platforms": [
      "Windows"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "2.5.0",
        "lessThanOrEqual": "2.6.16",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "2.7_alpha1",
        "lessThanOrEqual": "2.7_rc2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
mail-archive	www.mail-archive.com/[email protected]/msg00154.html
community	www.community.openvpn.net/Security%20Announcements/CVE-2025-13751
mail-archive	www.mail-archive.com/[email protected]/msg00153.html

12 Dec 2025 13:56Current

CVSS 45.6

EPSS0.00151

OpenVPN Windows authenticated user local access service error denial service