WID-SEC-W-2024-1433

WID-SEC-W-2024-1433 PUBLISHED CVSS 9.300000190734863 CRITICAL

OpenVPN ist eine Open Source Software zum Aufbau eines Virtuellen Privaten Netzwerkes (VPN) über eine verschlüsselte TLS-Verbindung. Zur Verschlüsselung werden die Bibliotheken des Programmes OpenSSL benutzt.

Risk Scores

CVSS 4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	SUSE Linux
	Fedora Linux
	SUSE openSUSE
	Debian Linux
	Open Source OpenVPN 2.6.11
	Ubuntu Linux
	Open Source OpenVPN <2.6.11

Exploit Intelligence

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1433.json (circl)
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1433 (circl)
https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst#security-fixes (circl)
http://www.vuxml.org/freebsd/142c538e-b18f-40a1-afac-c479effadd5c.html (circl)
https://ubuntu.com/security/notices/USN-6860-1 (circl)
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-9376ff0291 (circl)
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MKHQ4XCAY5VAP2Q6UDAYNS7OL2QJGLP6/ (circl)
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MKHQ4XCAY5VAP2Q6UDAYNS7OL2QJGLP6/ (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-October/019540.html (circl)
https://lists.suse.com/pipermail/sle-security-updates/2024-October/019550.html (circl)

…and 8 more exploits

Timeline

Jun 23, 2024 CVE Published
Apr 3, 2025 CVE Updated
Apr 29, 2026 Distribution Patch
Apr 29, 2026 Distribution Patch

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1433.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1433 advisory
https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst#security-fixes url
http://www.vuxml.org/freebsd/142c538e-b18f-40a1-afac-c479effadd5c.html url
https://ubuntu.com/security/notices/USN-6860-1 url
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-9376ff0291 url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MKHQ4XCAY5VAP2Q6UDAYNS7OL2QJGLP6/ url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/MKHQ4XCAY5VAP2Q6UDAYNS7OL2QJGLP6/ url
https://lists.suse.com/pipermail/sle-security-updates/2024-October/019540.html url
https://lists.suse.com/pipermail/sle-security-updates/2024-October/019550.html url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/KIPA7OBR5EVC3PIBCIJICJKK7MH3RBNA/ url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/ZFJTYJ5WUHIAH62DRJFZPFUO5RFXILGE/ url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/4OGKNXNQUPJ2676MEOZA32KDCGPJ5OV7/ url
https://lists.debian.org/debian-lts-announce/2025/03/msg00005.html url
https://ubuntu.com/security/notices/USN-7340-1 url
https://lists.suse.com/pipermail/sle-security-updates/2025-March/020625.html url
https://lists.suse.com/pipermail/sle-security-updates/2025-April/020633.html url
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/NCVGL2BNTTQDQ55FP7JRS3YXYIXQP22D/ url

Open in Interactive Console →