Vulnerability identifier: #VU82951
Vulnerability risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-416
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
OpenVPN
Server applications /
Remote access servers, VPN
Vendor: openvpn.net
Description
The vulnerability allows a remote user to gain access to sensitive information.
The vulnerability exists due to openvpn incorrectly uses a send buffer after it has been freed. Under certain circumstances the freed memory can be sent to the client peer, resulting in information disclosure. The vulnerability affects TLS configuration.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
OpenVPN: 2.6.0 - 2.6.6
External links
http://github.com/OpenVPN/openvpn/blob/v2.6.7/Changes.rst
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.