
Cyber Security News ® OpenVPN Connect Vulnerability Let Attackers Access Users’ Private Keys | Source: https://lnkd.in/gYgX_Khx
A critical vulnerability, identified as CVE-2024-8474, has been discovered in OpenVPN Connect, a popular VPN client software. This flaw could allow attackers to access users’ private keys, potentially compromising the confidentiality of their VPN traffic.
The vulnerability affects all versions of OpenVPN Connect prior to 3.5.0 and has been classified as a high-severity issue. The issue stems from improper handling of sensitive information within the application.
Specifically, OpenVPN Connect logs the private key from configuration profiles in clear text within its application logs.
0 Comments