QwikSec

Security Database

CVE

CWE

Training

CVE-2025-11955

Published: Oct 27, 2025

Modified: Oct 27, 2025

PUBLISHED

Description

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.

Vendor	Product	Versions
TheGreenBow	TheGreenBow VPN Client Windows Enterprise	affected `7.5` affected `7.6`

Weaknesses (CWE)

References

https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-validation-ocsp-certificates-thegreenbow-vpn-client-windows

https://www.thegreenbow.com/en/support/security-alerts/

vendor-advisory

patch

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.