CVE-2024-5198

Publication date

2025-01-15 12:57:25

Family

OpenVPN

State

PUBLISHED

Description

OpenVPN ovpn-dco for Windows version 1.1.1 allows an unprivileged local attacker to send I/O control messages with invalid data to the driver resulting in a NULL pointer dereference leading to a system halt.