CVE-2025-13751
Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.
| Software | From | Fixed in |
|---|---|---|
| openvpn / openvpn | 2.5.0 | 2.6.17 |
| openvpn / openvpn | 2.7-alpha1 | 2.7-alpha1.x |
| openvpn / openvpn | 2.7-alpha2 | 2.7-alpha2.x |
| openvpn / openvpn | 2.7-alpha3 | 2.7-alpha3.x |
| openvpn / openvpn | 2.7-beta1 | 2.7-beta1.x |
| openvpn / openvpn | 2.7-beta2 | 2.7-beta2.x |
| openvpn / openvpn | 2.7-beta3 | 2.7-beta3.x |
| openvpn / openvpn | 2.7-rc1 | 2.7-rc1.x |
| openvpn / openvpn | 2.7-rc2 | 2.7-rc2.x |
- https://community.openvpn.net/Security%20Announcements/CVE-2025-13751
- https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html
- https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.html
- https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.htmlhttps://
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime