Critical OpenVPN Vulnerabilities Expose Millions of Devices to RCE Attack
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Microsoft researchers have recently uncovered multiple medium-severity vulnerabilities in OpenVPN, a widely used open-source VPN software.
OpenVPN is used by thousands of companies across various industries, including information technology, financial services, telecommunications, and computer software, on major platforms such as Windows, iOS, macOS, Android, and BSD.
These vulnerabilities can be exploited to achieve remote code execution (RCE) and local privilege escalation (LPE), which could allow attackers to gain full control over targeted devices. This poses a risk of data breaches, system compromise, and unauthorized access to sensitive information.
Client Server Model
The vulnerabilities were identified in OpenVPN’s client-side architecture, specifically in the communication mechanism between the openvpn.exe process and the openvpnserv.exe service. The affected versions include all releases prior to OpenVPN 2.6.10 and 2.5.10.
The key vulnerabilities are:
Exploitation of these vulnerabilities requires user authentication and a deep understanding of OpenVPN’s inner workings. Attackers could chain these vulnerabilities to execute an attack chain, achieving RCE and LPE, thereby gaining full control over targeted endpoints. This could lead to data breaches, system compromises, and unauthorized access to sensitive information.
Microsoft reported these vulnerabilities to OpenVPN in March 2024 through Coordinated Vulnerability Disclosure. OpenVPN has since released patches to address these issues. Users are strongly urged to update to the latest versions, 2.6.10 or 2.5.10, to mitigate potential risks. Additional recommendations include:
To mitigate these risks, OpenVPN users are strongly urged to update to the latest versions (2.6.10 or 2.5.10) immediately.
To verify if your OpenVPN installation is up-to-date
openvpn --version
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Critical OpenVPN Vulnerabilities Expose Millions of Devices to RCE Attack
Author: Guru BaranMicrosoft researchers have recently uncovered multiple medium-severity vulnerabilities in OpenVPN, a widely used open-source VPN software.
OpenVPN is used by thousands of companies across various industries, including information technology, financial services, telecommunications, and computer software, on major platforms such as Windows, iOS, macOS, Android, and BSD.
These vulnerabilities can be exploited to achieve remote code execution (RCE) and local privilege escalation (LPE), which could allow attackers to gain full control over targeted devices. This poses a risk of data breaches, system compromise, and unauthorized access to sensitive information.
Client Server ModelThe vulnerabilities were identified in OpenVPN’s client-side architecture, specifically in the communication mechanism between the openvpn.exe process and the openvpnserv.exe service. The affected versions include all releases prior to OpenVPN 2.6.10 and 2.5.10.
The key vulnerabilities are:
- CVE-2024-27459 : A stack overflow vulnerability in openvpnserv that can lead to denial-of-service (DoS) and LPE on Windows systems.
- CVE-2024-24974 : Unauthorized access vulnerability allowing remote interaction with the \\openvpn\\service named pipe on Windows.
- CVE-2024-27903 : A flaw in the plugin mechanism that can result in RCE on Windows and LPE and data manipulation on Android, iOS, macOS, and BSD.
- CVE-2024-1305 : A memory overflow vulnerability in the Windows TAP driver causing DoS.
Exploitation of these vulnerabilities requires user authentication and a deep understanding of OpenVPN’s inner workings. Attackers could chain these vulnerabilities to execute an attack chain, achieving RCE and LPE, thereby gaining full control over targeted endpoints. This could lead to data breaches, system compromises, and unauthorized access to sensitive information.
Microsoft reported these vulnerabilities to OpenVPN in March 2024 through Coordinated Vulnerability Disclosure. OpenVPN has since released patches to address these issues. Users are strongly urged to update to the latest versions, 2.6.10 or 2.5.10, to mitigate potential risks. Additional recommendations include:
- Segregating OpenVPN clients from the internet and unauthorized users.
- Implementing strong authentication measures and reducing the number of users with write access.
- Continuously monitoring for unusual activities and ensuring endpoint security measures are up to date.
To mitigate these risks, OpenVPN users are strongly urged to update to the latest versions (2.6.10 or 2.5.10) immediately.
To verify if your OpenVPN installation is up-to-date
openvpn --version
#Cyber_Security_News #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
