Unrated severityNVD Advisory· Published Apr 2, 2025· Updated Oct 23, 2025
CVE-2025-2704
CVE-2025-2704
Description
OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- community.openvpn.net/openvpn/wiki/CVE-2025-2704mitrevendor-advisory
- www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00142.htmlmitrerelease-notes
News mentions
0No linked articles in our index yet.