CVE-2025-13086

Summary

Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did not initiate the connection resulting in a denial of service for the originating client

Affected Software

VendorProductVersion RangeStatus
OpenVPNOpenVPN2.6.0 <= 2.6.15affected
OpenVPNOpenVPN2.7_alpha1 <= 2.7_rc1affected

Weaknesses

  • CWE-940: CWE-940: Improper Verification of Source of a Communication Channel

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References