CVE-2024-8474

Published: Jan 6, 2025
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-8474" target="_blank" rel="noopener"> CVE-2024-8474
Exploit:

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic