CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-1305

tap-windows6 driver version 9.26 and earlier does not properly check the size data of incomming write operations which an attacker can use to overflow memory buffers, resulting in a bug check and potentially arbitrary code execution in kernel space

Exploit prediction scoring system (EPSS) score

EPSS Score 0.083

EPSS Ranking 91.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://community.openvpn.net/openvpn/wiki/CVE-2024-1305
https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html
https://community.openvpn.net/openvpn/wiki/CVE-2024-1305
https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html

Products affected by CVE-2024-1305

Openvpn » Tap-Windows6 » Version: 9.25.0

cpe:2.3:a:openvpn:tap-windows6:9.25.0
Openvpn » Tap-Windows6 » Version: 9.26.0

cpe:2.3:a:openvpn:tap-windows6:9.26.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1305

Products

Pricing

Contact Us