CVE-2025-11955

Vulnerability Description

Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it does not receive an OCSP response or if the OCSP response signature is invalid.

Related Weaknesses (CWE)

CWE-299

References

https://www.incibe.es/en/incibe-cert/notices/aviso/incorrect-validation-ocsp-cer
https://www.thegreenbow.com/en/support/security-alerts/

FAQ

What is CVE-2025-11955?

CVE-2025-11955 is a documented vulnerability. Incorrect validation of OCSP certificates vulnerability in TheGreenBow VPN, versions 7.5 and 7.6. During the IKEv2 authentication step, the OCSP-enabled VPN client establishes the tunnel even if it do...

How severe is CVE-2025-11955?

CVSS scoring is not yet available for CVE-2025-11955. Check NVD for updates.

Is there a patch for CVE-2025-11955?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.