Primary

Context

Microsoft Smart VPN Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Microsoft Smart VPN version 1.1.3.0. This vulnerability allows local attackers to crash the application by sending oversized input through the search interface. By pasting a buffer of 2100 characters into the search bar, attackers can trigger an unhandled exception that causes the application to crash.

Impact

Exploitation of this vulnerability leads to a crash of the Microsoft Smart VPN application, causing a denial-of-service condition.

Reproduction

To reproduce this vulnerability, paste a buffer of 2100 characters into the top right search bar of the Microsoft Smart VPN application version 1.1.3.0. Press Enter, and the application will crash due to an unhandled exception.

Added: Apr 4, 2026, 2:24 PM

Updated: Apr 4, 2026, 2:24 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

5.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Microsoft Smart VPN Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating