TheGreenBow VPN OCSP Certificate Validation Vulnerability

Vulnerability

A vulnerability exists in TheGreenBow VPN Client for Windows Enterprise, specifically in versions 7.5 and 7.6, due to incorrect validation of OCSP certificates. During the IKEv2 authentication process, the VPN client can establish a tunnel even if it fails to receive a valid OCSP response or if the OCSP response's signature is invalid.

Impact

This vulnerability could lead to unauthorized VPN tunnel establishment, allowing connections to be made whose certificate status has not been verified.

Remediation

Users can upgrade to TheGreenBow VPN Client version 7.7, where this vulnerability has been addressed. Where an immediate mitigation is needed, it is recommended to use the CRL verification function available in VPN clients.
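The difference between the fail-open behaviour described under Vulnerability and a fail-closed check with the CRL fallback recommended above can be modelled as follows. This is an added example, not TheGreenBow's code; the types, function names and sample results are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class CertStatus(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"


@dataclass
class OcspResult:
    """Constructed stand-in for a parsed OCSP reply (not a real client's type)."""
    received: bool                 # False: responder unreachable or timed out
    signature_valid: bool = False  # signature checked against a trusted responder
    status: Optional[CertStatus] = None


def soft_fail_allows(ocsp: OcspResult) -> bool:
    """Flawed policy: only an explicit, verified REVOKED blocks the tunnel."""
    if ocsp.received and ocsp.signature_valid:
        return ocsp.status is not CertStatus.REVOKED
    return True  # missing or badly signed response is treated as "no objection"


def hard_fail_allows(ocsp: OcspResult, crl_revoked: Optional[bool] = None) -> bool:
    """Fail closed: allow only on positive evidence the certificate is good.

    crl_revoked is the result of a CRL lookup (None = no usable CRL), used as
    the fallback when OCSP gives no trustworthy answer.
    """
    if ocsp.received and ocsp.signature_valid:
        return ocsp.status is CertStatus.GOOD
    # No trustworthy OCSP answer: fall back to the CRL, otherwise refuse.
    return crl_revoked is False


# Constructed cases matching the two conditions named in the advisory.
NO_RESPONSE = OcspResult(received=False)
BAD_SIGNATURE = OcspResult(received=True, signature_valid=False, status=CertStatus.GOOD)
VERIFIED_GOOD = OcspResult(received=True, signature_valid=True, status=CertStatus.GOOD)
VERIFIED_REVOKED = OcspResult(True, True, CertStatus.REVOKED)
```

Under the fail-closed policy, a status value carried in a response whose signature did not verify is never consulted, and an unverified `UNKNOWN` or absent answer is refused unless the CRL confirms the certificate is not revoked.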

Added: Oct 27, 2025, 12:25 PM
Updated: Oct 27, 2025, 1:37 PM

Vulnerability Rating

Custom Algorithm
spread: 2.4
impact: 2.5
exploitability: 4.7
remediation: 7.7
relevance: 0.8
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.