AI description
CVE-2025-50054 is a buffer overflow vulnerability found in OpenVPN's ovpn-dco-win driver, affecting versions 1.3.0 and earlier, as well as version 2.5.8 and earlier. This vulnerability exists because the Windows DCO driver can crash when a user space process sends a control packet larger than 1500 bytes. The flaw allows a local, unprivileged user process to send an excessively large control message buffer to the kernel driver. This triggers a heap-based buffer overflow, potentially leading to a system crash. The vulnerability can be exploited locally, even by unprivileged processes, posing a denial-of-service risk.
- Description
- Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash
- Source
- security@openvpn.net
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 5.5
- Impact score
- 3.6
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- security@openvpn.net
- CWE-122
- Hype score
- Not currently trending
🚨CVE-2025-50054: Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer to the kernel driver resulting in a system crash ZoomEye Link: https://t.co/kKf49ZjVsI https
@DarkWebInformer
24 Jun 2025
7274 Impressions
28 Retweets
79 Likes
20 Bookmarks
2 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/6jhTlndvG9 🚨CRITICAL OpenVPN VULN ALERT🚨CVE-2025-50054: A nasty buffer overflow in OpenVPN's Windows driver lets local users CRASH systems with a single oversized control message. DoS attack risk—local or r
@zoomeye_team
24 Jun 2025
728 Impressions
4 Retweets
14 Likes
3 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-50054 OpenVPN Flaw allows Local Users to Crash Windows Systems 🎯3m+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/kGrppFzPuy FOFA Query:app="OPENVPN" 🔖Refer:https://t.co/uzDkNBsXw6 #OSINT #FOFA #CyberSecurity
@fofabot
24 Jun 2025
1863 Impressions
12 Retweets
41 Likes
13 Bookmarks
2 Replies
0 Quotes
A flaw (CVE-2025-50054) in OpenVPN's Windows kernel driver allows unprivileged local users to crash systems. A patch is available in OpenVPN 2.7_alpha2 (test build). #OpenVPN #WindowsSecurity #DoSAttack #Vulnerability #Cybersecurity https://t.co/8PCtQRExsl
@the_yellow_fall
24 Jun 2025
304 Impressions
2 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Wild: A newly found bug in OpenVPN for Windows (CVE-2025-50054) means even a non-admin user could potentially send your PC into a full crash by overflowing a driver buffer. Whoa. #Cybersecurity #Windows https://t.co/Vz1Zmvn88g https://t.co/7pSXoMJ0Hy
@TweekFawkes
23 Jun 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenVPN 2.7_alpha2 launches June 19, 2025, fixing CVE-2025-50054 vulnerability that could crash Windows systems. New features include multi-socket support, TLS 1.3, and improved security on Windows. 🚀 #Security #Windows #Australia https://t.co/bGJSCQNe15
@TweetThreatNews
23 Jun 2025
74 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-50054 # critical buffer overflow vulnerability in OpenVPN’s data channel: https://t.co/RGO6rYc4i9
@Iambivash007
22 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
פרצת אבטחה לopenvpn והתיקון שיצא מתייחס לגרסת אלפא שעוד לא יציבה ולא מיועדת לסביבת Production. התיקון מגיע בגרסת 2.7 אלפה שתיים שמתקנת את CVE-2025-50054. פרצת האבטחה משפי
@NirRoitman
22 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta OpenVPN! Nova versão 2.7_alpha2 corrige falha crítica (CVE-2025-50054) no driver Windows que pode causar crash no sistema. Atualize já e proteja sua rede! 🛡️ #OpenVPN #Segurança #Cibersegurança https://t.co/HgV5RoLBHA
@fernandokarl
22 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
OpenVPNのWindows向けデータチャネルオフロードドライバーにバッファオーバーフローの脆弱性(CVE-2025-50054)が発見され、ローカル攻撃者が細工した制御メッセージを送信することでWindowsをクラッシュさせる恐
@yousukezan
21 Jun 2025
600 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
CVE-2025-50054 Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and earlier and version 2.5.8 and earlier allows a local user process to send a too large control message buffer… https://t.co/Umkv12EosK
@CVEnew
21 Jun 2025
331 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⭕ OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems Read more: https://t.co/lEGho3SKHv Summary ======== 1. A critical OpenVPN Windows driver flaw (CVE-2025-50054) allowed local attackers to crash systems. 2. The vulnerability enabled denial-of-service
@The_Cyber_News
21 Jun 2025
845 Impressions
6 Retweets
13 Likes
4 Bookmarks
0 Replies
0 Quotes
CVE-2025-50054 Buffer Overflow in OpenVPN ovpn-dco-win Kernel Driver Enables Local System Crash https://t.co/A78BrdqFm5
@VulmonFeeds
20 Jun 2025
91 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes