Main Vulnerability Database Exploits ID:12163 - Exploit for Out-of-bounds read in OpenSSL - CVE-2024-5535

ID:12163 - Exploit for Out-of-bounds read in OpenSSL - CVE-2024-5535

Published: November 28, 2025

Vulnerability identifier: #VU93424

Vulnerability risk: Low

CVE-ID: CVE-2024-5535

CWE-ID: CWE-125

Exploitation vector: Remote access

Vulnerable software:
OpenSSL

Link to public exploit:

https://github.com/websecnl/CVE-2024-5535

Vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the SSL_select_next_proto() function when using NPN. A remote attacker can send specially crafted data to the application, trigger an out-of-bounds read and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

ID:12163 - Exploit for Out-of-bounds read in OpenSSL - CVE-2024-5535

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human