Alireza Gharib Blog

CVE-2024-5198 – OpenVPN for Windows DLL Injection Null Pointer Dereference

CVE ID : CVE-2024-5198

Published : Jan. 15, 2025, 1:15 p.m. | 1 hour, 2 minutes ago

Description : OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Go to Source

Tags: #cve, #cybersecurity, #security

Related Posts

Windows 11’s TPM 2.0: Free Software Foundation Fights Forced Upgrades and E-Waste Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast Vulnerable Moxa devices expose industrial networks to attacks Vulnerability Overload: 40,000+ CVEs in 2024 Trio of Critical Vulnerabilities in Netis Routers Enables Unauthenticated RCE Top Cybersecurity Certifications to Boost Your Career in 2025 Threat Actors Exploit a Critical Ivanti RCE Bug, Again Thousands of SonicWall Devices Remain Vulnerable to CVE-2024-40766 TheCyberThrone Security Weekly Review – January 11, 2025 TheCyberThrone Security Weekly Review – January 04, 2025 SonicWall waarschuwt voor actief misbruikt lek in SSLVPN-functie firewalls SonicWall urges admins to patch exploitable SSLVPN bug immediately SonicWall Issues Important Security Advisory for Multiple Vulnerabilities in SonicOS SimpleHelp Urgents to Patch Critical Security Vulnerabilities Secure Your Repos: go-git Patches Critical Vulnerability – CVE-2025-21613 (CVSS 9.8) Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887 Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers Redis was affected by CVE-2024-51741 and CVE-2024-46981 Nuclei flaw lets malicious templates bypass signature verification
, , , ,
, ,
Recent Posts