CVE-2025-13751

A flaw was found in OpenVPN. This vulnerability allows a local denial of service via a local authenticated user connecting to the interactive service agent on Windows and triggering an error. Mitigation Mitigation for this issue is either not available or the currently available options do not me...

ALPINE-CVE-2025-13751

Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7alpha1 through 2.7rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service...

CVE-2025-13751

Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7alpha1 through 2.7rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service...

CVE-2025-13751

CVE-2025-13751 affects OpenVPN on Windows, specifically the Interactive Service Agent. The vulnerability arises from mishandling of an Interactive Service Proxy error, allowing a local authenticated user to connect to the service and trigger an error that results in a local denial of service. Aff...

OpenVPN 安全漏洞

OpenVPN is a software package for creating encrypted tunnels for Virtual Private Networks VPNs from US-based OpenVPN, which uses the OpenSSL library to encrypt data and control information, and allows created VPNs to be authenticated using public keys, electronic certificates, or...

PT-2025-48947

Name of the Vulnerable Software and Affected Versions OpenVPN versions 2.5.0 through 2.7 rc2 Description A local authenticated user can connect to the interactive service agent and trigger an error, resulting in a local denial of service. Recommendations Update to a version later than 2.7 rc2...

OpenVPN 2.5.x < 2.5.10, 2.6.x < 2.6.10 Multiple Vulnerabilities (Windows)

According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is affected by multiple vulnerabilities: - OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-i...

SUSE CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

SUSE CVE-2024-27459

The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-27459

The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-27903

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service...

CVE-2024-27903

OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-24974

CVE-2024-24974 affects OpenVPN 2.6.9 and earlier. The interactive service pipe can be accessed remotely, allowing a remote attacker to interact with the privileged OpenVPN interactive service. This is described across multiple sources (NVD entry for CVE-2024-24974 and Nessus/OpenVAS findings) as ...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-24974

The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service...

CVE-2024-27459

The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges...