This security bulletin contains one high risk vulnerability.
Exploit availability: NoDescription
The vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error when handling certain client-certification situations for SSL, TLS, and DTLS. A remote attacker can bypass authentication process and compromise the affected system.
Install updates from vendor's website.Vulnerable software versions
otp: 25.0 - 25.0.1, 24.0 - 22.214.171.124, 23.0 - 126.96.36.199
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?