OpenVPN OVPN-DCO for Windows NULL Pointer Dereference Vulnerability Leading to System Halt

Vulnerability

A vulnerability in OpenVPN OVPN-DCO for Windows, specifically in version 1.1.1, allows an unprivileged local attacker to send I/O control messages with invalid data to the driver. This action causes a NULL pointer dereference, which ultimately leads to a system crash.

Impact

Exploitation of this vulnerability causes a system crash due to a NULL pointer dereference.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenVPN OVPN-DCO for Windows NULL Pointer Dereference Vulnerability Leading to System Halt

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating