Vulnerability Description
Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service
Related Weaknesses (CWE)
References
- https://community.openvpn.net/Security%20Announcements/CVE-2025-15497
- https://www.mail-archive.com/[email protected]/msg00156.htm
FAQ
What is CVE-2025-15497?
CVE-2025-15497 is a documented vulnerability. Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service
How severe is CVE-2025-15497?
CVSS scoring is not yet available for CVE-2025-15497. Check NVD for updates.
Is there a patch for CVE-2025-15497?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.