CVE-2024-5198

Published: Jan 15, 2025

Modified: Jan 15, 2025

PUBLISHED

Description

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.

Vendor	Product	Versions
OpenVPN	ovpn-dco	affected `1.1.1`
OpenVPN	OpenVPN-GUI	affected `2.6.10-I002`

Weaknesses (CWE)

CWE-476

References

https://community.openvpn.net/openvpn/wiki/CVE-2024-5198

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-5198

Description

Affected Products

Weaknesses (CWE)

References