Improper IP Address Validation in OpenVPN by OpenVPN Technologies
CVE-2025-13086
4.6MEDIUM
What is CVE-2025-13086?
An improper validation of source IP addresses in OpenVPN versions 2.6.0 through 2.7_rc1 allows attackers to establish connections using arbitrary IP addresses. This flaw can result in a denial of service for original clients, potentially disrupting communication and access to resources. Mitigating this vulnerability is essential to maintain network integrity and security.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
OpenVPN 2.6.0 <= 2.6.15
OpenVPN 2.7_alpha1 <= 2.7_rc1
References
CVSS V4
Score:
4.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved