How severe is CVE-2025-2704?

CVE-2025-2704 has a CVSS v3 score of 7.5 (HIGH).

CVE-2025-2704

Name: openvpn
Author: openvpn

7.5HIGH

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

发布于: 4/2/2025更新于: 10/23/2025

描述

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

AI分析AI驱动

受影响产品

openvpnopenvpn

参考资料

https://community.openvpn.net/openvpn/wiki/CVE-2025-2704
Broken Link
https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00142.html
http://www.openwall.com/lists/oss-security/2025/04/02/5
Mailing List