VAR-202407-0079
Vulnerability from variot - Updated: 2025-11-18 13:02OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs. OpenVPN Technologies of OpenVPN contains an improper validation vulnerability on input of a given type.Information may be obtained and information may be tampered with. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers.
Multiple Siemens products have a log output neutralization error vulnerability that can be exploited by attackers to send spam to the openvpn log, causing high CPU load. ========================================================================== Ubuntu Security Notice USN-6860-1 July 02, 2024
openvpn vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 24.04 LTS
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in OpenVPN.
Software Description: - openvpn: virtual private network software
Details:
Reynir Björnsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. (CVE-2024-28882)
Reynir Björnsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service. (CVE-2024-5594)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.04 LTS openvpn 2.6.9-1ubuntu4.1
Ubuntu 23.10 openvpn 2.6.5-0ubuntu1.2
Ubuntu 22.04 LTS openvpn 2.5.9-0ubuntu0.22.04.3
Ubuntu 20.04 LTS openvpn 2.4.12-0ubuntu0.20.04.2
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6860-1 CVE-2024-28882, CVE-2024-5594
Package Information: https://launchpad.net/ubuntu/+source/openvpn/2.6.9-1ubuntu4.1 https://launchpad.net/ubuntu/+source/openvpn/2.6.5-0ubuntu1.2 https://launchpad.net/ubuntu/+source/openvpn/2.5.9-0ubuntu0.22.04.3 https://launchpad.net/ubuntu/+source/openvpn/2.4.12-0ubuntu0.20.04.2
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202407-0079",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openvpn",
"scope": "lt",
"trust": 1.0,
"vendor": "openvpn",
"version": "2.6.11"
},
{
"model": "openvpn",
"scope": "gte",
"trust": 1.0,
"vendor": "openvpn",
"version": "2.6.0"
},
{
"model": "openvpn",
"scope": null,
"trust": 0.8,
"vendor": "openvpn",
"version": null
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.8,
"vendor": "openvpn",
"version": null
},
{
"model": "openvpn",
"scope": "eq",
"trust": 0.8,
"vendor": "openvpn",
"version": "2.6.0 that\u0027s all 2.6.11"
},
{
"model": "scalance m-800 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "scalance s615 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "ruggedcom rm1224 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.2"
},
{
"model": "scalance mum-800 family",
"scope": "lt",
"trust": 0.6,
"vendor": "siemens",
"version": "8.2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu",
"sources": [
{
"db": "PACKETSTORM",
"id": "179338"
}
],
"trust": 0.1
},
"cve": "CVE-2024-5594",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CNVD-2024-45211",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2024-5594",
"impactScore": 5.2,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "OTHER",
"availabilityImpact": "None",
"baseScore": 9.1,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2024-024939",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"id": "CVE-2024-5594",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "OTHER",
"id": "JVNDB-2024-024939",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2024-45211",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs. OpenVPN Technologies of OpenVPN contains an improper validation vulnerability on input of a given type.Information may be obtained and information may be tampered with. SCALANCE M-800, MUM-800 and S615 as well as RUGGEDCOM RM1224 are industrial routers. \n\nMultiple Siemens products have a log output neutralization error vulnerability that can be exploited by attackers to send spam to the openvpn log, causing high CPU load. ==========================================================================\nUbuntu Security Notice USN-6860-1\nJuly 02, 2024\n\nopenvpn vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 24.04 LTS\n- Ubuntu 23.10\n- Ubuntu 22.04 LTS\n- Ubuntu 20.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenVPN. \n\nSoftware Description:\n- openvpn: virtual private network software\n\nDetails:\n\nReynir Bj\u00f6rnsson discovered that OpenVPN incorrectly handled terminating\nclient connections. A remote authenticated client could possibly use this\nissue to keep the connection active, bypassing certain security policies. \nThis issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. \n(CVE-2024-28882)\n\nReynir Bj\u00f6rnsson discovered that OpenVPN incorrectly handled certain\ncontrol channel messages with nonprintable characters. A remote attacker\ncould possibly use this issue to cause OpenVPN to consume resources, or\nfill up log files with garbage, leading to a denial of service. \n(CVE-2024-5594)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 24.04 LTS\n openvpn 2.6.9-1ubuntu4.1\n\nUbuntu 23.10\n openvpn 2.6.5-0ubuntu1.2\n\nUbuntu 22.04 LTS\n openvpn 2.5.9-0ubuntu0.22.04.3\n\nUbuntu 20.04 LTS\n openvpn 2.4.12-0ubuntu0.20.04.2\n\nIn general, a standard system update will make all the necessary changes. \n\nReferences:\n https://ubuntu.com/security/notices/USN-6860-1\n CVE-2024-28882, CVE-2024-5594\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/openvpn/2.6.9-1ubuntu4.1\n https://launchpad.net/ubuntu/+source/openvpn/2.6.5-0ubuntu1.2\n https://launchpad.net/ubuntu/+source/openvpn/2.5.9-0ubuntu0.22.04.3\n https://launchpad.net/ubuntu/+source/openvpn/2.4.12-0ubuntu0.20.04.2\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2024-5594"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "PACKETSTORM",
"id": "179338"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2024-5594",
"trust": 3.3
},
{
"db": "ICS CERT",
"id": "ICSA-25-072-02",
"trust": 0.8
},
{
"db": "ICS CERT",
"id": "ICSA-24-319-06",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU96191615",
"trust": 0.8
},
{
"db": "JVN",
"id": "JVNVU92252869",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939",
"trust": 0.8
},
{
"db": "SIEMENS",
"id": "SSA-354112",
"trust": 0.6
},
{
"db": "CNVD",
"id": "CNVD-2024-45211",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "179338",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "PACKETSTORM",
"id": "179338"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"id": "VAR-202407-0079",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
}
]
},
"last_update_date": "2025-11-18T13:02:15.327000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Patch for Multiple Siemens products log output and error vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/617366"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-1287",
"trust": 1.0
},
{
"problemtype": "Improper validation for input of specified type (CWE-1287) [ others ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://community.openvpn.net/openvpn/wiki/cve-2024-5594"
},
{
"trust": 1.8,
"url": "https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html"
},
{
"trust": 1.0,
"url": "https://lists.debian.org/debian-lts-announce/2025/03/msg00005.html"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-5594"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu96191615/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu92252869/"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06"
},
{
"trust": 0.8,
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-02"
},
{
"trust": 0.6,
"url": "https://cert-portal.siemens.com/productcert/html/ssa-354112.html"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openvpn/2.5.9-0ubuntu0.22.04.3"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openvpn/2.6.5-0ubuntu1.2"
},
{
"trust": 0.1,
"url": "https://ubuntu.com/security/notices/usn-6860-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openvpn/2.6.9-1ubuntu4.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/openvpn/2.4.12-0ubuntu0.20.04.2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2024-28882"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "PACKETSTORM",
"id": "179338"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"db": "PACKETSTORM",
"id": "179338"
},
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"date": "2024-07-03T15:08:36",
"db": "PACKETSTORM",
"id": "179338"
},
{
"date": "2025-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"date": "2025-01-06T14:15:08.807000",
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2024-11-18T00:00:00",
"db": "CNVD",
"id": "CNVD-2024-45211"
},
{
"date": "2025-06-11T07:59:00",
"db": "JVNDB",
"id": "JVNDB-2024-024939"
},
{
"date": "2025-11-03T21:18:47.610000",
"db": "NVD",
"id": "CVE-2024-5594"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "179338"
}
],
"trust": 0.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenVPN\u00a0Technologies\u00a0 of \u00a0OpenVPN\u00a0 Improper validation vulnerability for specified types of input",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2024-024939"
}
],
"trust": 0.8
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…