SoftEtherVPN Vulnerability: Amplification/Reflection Attacks Possible
CVE-2024-38520
Key Information:
- Vendor: Softethervpn
- CVE Published: 26 June 2024
What is CVE-2024-38520?
CVE-2024-38520 is a vulnerability identified in SoftEtherVPN, an open-source, cross-platform VPN solution designed to provide secure communications over the internet. This vulnerability emerges when SoftEtherVPN is configured with L2TP enabled, potentially allowing an attacker to use the host system as a vehicle for amplification and reflection attacks. This configuration could be exploited to overwhelm a target through increased traffic volume and TCP/IP packet manipulation, leading to significant disruptions in service and potential reputational damage to organizations utilizing the software.
Technical Details
The vulnerability is associated with SoftEtherVPN's behavioral pattern of responding to incoming packets with two larger outgoing packets, which can be exploited in Distributed Denial of Service (DDoS) attacks. Attackers could send minimal requests to the vulnerable host, which would subsequently lead to disproportionately larger responses being directed at a selected target. Such techniques leverage spoofed IP addresses to obscure the attacker's identity, making it challenging to mitigate the effects of such an attack. The issue has been addressed in version 5.02.5185 of the software, and it is critical that users apply this update to eliminate the potential for exploitation.
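A defender operating a SoftEtherVPN host can look for the "two larger replies per request" pattern in packet or flow records. The following is an added example, not code from SoftEtherVPN or from the original advisory; the sample records, packet sizes, addresses and thresholds are constructed assumptions, and UDP 1701 is the standard L2TP port.

```python
from collections import defaultdict

L2TP_PORT = 1701  # standard L2TP UDP port (RFC 2661)

# Constructed sample records: (src_ip, src_port, dst_ip, dst_port, udp_payload_bytes)
SERVER = "192.0.2.10"  # hypothetical VPN host (documentation address range)
SAMPLE_PACKETS = (
    # peer 198.51.100.7: every small request draws two larger replies
    [("198.51.100.7", 40000, SERVER, L2TP_PORT, 20)] * 50
    + [(SERVER, L2TP_PORT, "198.51.100.7", 40000, 60)] * 100
    # peer 203.0.113.5: ordinary session, traffic roughly balanced
    + [("203.0.113.5", 51000, SERVER, L2TP_PORT, 400)] * 80
    + [(SERVER, L2TP_PORT, "203.0.113.5", 51000, 420)] * 85
)


def per_peer_stats(packets, server_ip, port=L2TP_PORT):
    """Tally request/response packets and bytes per remote peer of the L2TP port."""
    stats = defaultdict(lambda: {"req_pkts": 0, "req_bytes": 0,
                                 "resp_pkts": 0, "resp_bytes": 0})
    for src, sport, dst, dport, size in packets:
        if dst == server_ip and dport == port:      # inbound request
            stats[src]["req_pkts"] += 1
            stats[src]["req_bytes"] += size
        elif src == server_ip and sport == port:    # outbound response
            stats[dst]["resp_pkts"] += 1
            stats[dst]["resp_bytes"] += size
    return dict(stats)


def reflection_suspects(stats, min_requests=20, min_pkt_ratio=1.8, min_byte_ratio=2.0):
    """Return peers matching the amplification pattern (thresholds are assumptions)."""
    suspects = []
    for peer, s in stats.items():
        if s["req_pkts"] < min_requests or s["req_bytes"] == 0:
            continue  # too little data to judge, or response-only flow
        pkt_ratio = s["resp_pkts"] / s["req_pkts"]
        byte_ratio = s["resp_bytes"] / s["req_bytes"]
        if pkt_ratio >= min_pkt_ratio and byte_ratio >= min_byte_ratio:
            suspects.append((peer, round(pkt_ratio, 2), round(byte_ratio, 2)))
    return sorted(suspects, key=lambda t: t[2], reverse=True)


if __name__ == "__main__":
    for peer, pkts, size in reflection_suspects(per_peer_stats(SAMPLE_PACKETS, SERVER)):
        print(f"{peer}: {pkts} replies per request, {size}x bytes returned")
```

A flagged peer is the address the responses are being sent to, which in a reflection scenario is the spoofed victim rather than the true sender.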
Impact of the Vulnerability
- Service Disruption: Organizations relying on SoftEtherVPN for secure communications may face significant disruptions in service, as attackers could use this vulnerability to generate massive amounts of traffic directed at targeted services, effectively rendering them inaccessible.
- Increased Risk of DDoS Attacks: The ability for attackers to amplify their assault using a single vulnerable host makes it easier for threat actors to execute more effective DDoS attacks, potentially overwhelming network resources and causing harm to organizational operations.
- Reputational Damage: Should an organization experience a successful attack due to this vulnerability, it could face reputational harm resulting from service outages and a perceived inability to secure its infrastructure, ultimately leading to a loss of customer trust and confidence in its operational integrity.

Affected Version(s)
SoftEtherVPN <= 5.02.5183
