Microsoft Finds Vulnerabilities in OpenVPN

Multiple Flaws Could Lead to Attack Chain

OpenVPN Versions Prior to 2.6.10 and 2.5.10 Affected

Microsoft researchers have discovered four medium-severity security vulnerabilities in the open-source OpenVPN software. All releases prior to OpenVPN 2.6.10 and 2.5.10 are affected. The flaws could be chained together into an attack that enables remote code execution (RCE) and local privilege escalation (LPE).

The most severe of these vulnerabilities is CVE-2023-22947, a heap-based buffer overflow that could lead to RCE on Windows systems. The other three vulnerabilities are CVE-2023-22945, a use-after-free flaw that could lead to LPE and data manipulation on Android, iOS, and macOS; CVE-2023-22946, an out-of-bounds read that could lead to LPE on Linux systems; and CVE-2023-22948, an information disclosure flaw that could allow attackers to obtain sensitive information from OpenVPN instances.

Microsoft has released security updates for these vulnerabilities, and it is recommended that all users update to the latest version of OpenVPN as soon as possible.

