How severe is CVE-2025-2704?

CVE-2025-2704 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-2704

Name: openvpn
Author: openvpn

7.5HIGH

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

公開日: 4/2/2025更新日: 10/23/2025

説明

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

AI分析AIによる分析

影響を受ける製品

openvpnopenvpn

参照

https://community.openvpn.net/openvpn/wiki/CVE-2025-2704
Broken Link
https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00142.html
http://www.openwall.com/lists/oss-security/2025/04/02/5
Mailing List