all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenVPN Access Server Vulnerabilities: Risk of Information Exposure, DoS, and RCE (CVE-2023-46849, CVE-2023-46850)

Add to bookmarks
Nov. 13, 2023, 10:45 a.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Last week, OpenVPN Access Server, a widely-used open-source VPN solution, received an update addressing two vulnerabilities, tracked as CVE-2023-46849 and CVE-2023-46850. Although CVSS scores for these vulnerabilities are pending, they can enable attackers to gain unauthorized access to sensitive information and, in some cases, facilitate Remote Code Execution (RCE).


OpenVPN is an open-source VPN software providing secure connections through the SSL/TLS protocol.


Which Versions of OpenVPN Access Server Are Affected?


Reportedly, the following versions of OpenVPN Access Server include …

access attackers cases code cve cvss cvss scores dos enable exposure information openvpn rce remote code risk sensitive sensitive information server solution unauthorized access update vpn vulnerabilities week

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration an hour ago | malware.news
article cloud collaboration customers +13
Mounting global ransomware attacks significantly impact US 2 hours ago | malware.news
article attacks avril haines director +12
Media, think tank, service spoofing conducted in APT42 cyberespionage operations 2 hours ago | malware.news
apt42 campaigns charming kitten cyberespionage +30
Old vulnerable D-Link routers subjected to novel Goldoon botnet attacks 2 hours ago | malware.news
april article attacks botnet +13
Android apps targeted by new Dirty Stream attack 2 hours ago | malware.news
android android apps apps arbitrary code +18
Details on 2021 Chemonics hack remain scant 2 hours ago | malware.news
agency article compromised cyberattack +11
Data breach impacts Airsoft community site 2 hours ago | malware.news
article breach cloud cloud storage +20
New AI security bill unveiled in Senate 2 hours ago | malware.news
act ai act ai security article +15
Path traversal vulnerability elimination in software sought by feds 2 hours ago | malware.news
agency article bleepingcomputer cybersecurity +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145
View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States
View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)
View on infosec-jobs.com

Junior Cloud DevSecOps Network Engineer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs