9.1
CRITICAL
CVE-2024-5594
OpenVPN PATH Injection Vulnerability
Description

OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins.

INFO

Published Date :

Jan. 6, 2025, 2:15 p.m.

Last Modified :

Jan. 6, 2025, 5:15 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

5.2

Exploitability Score :

3.9
Affected Products

The following products are affected by CVE-2024-5594 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Openvpn openvpn
: Total Affected Vendor : 1 | Products : 1
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-5594.

URL Resource
https://community.openvpn.net/openvpn/wiki/CVE-2024-5594
https://www.mail-archive.com/[email protected]/msg07634.html

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-5594 vulnerability anywhere in the article.

  • TheCyberThrone
TheCyberThrone Security BiWeekly Review – January 25, 2025

Welcome to TheCyberThrone. Cybersecurity week in review will be posted covering the important security happenings. This review is for the bi-weekly ending on Saturday, January 25, 2025.CVE-2025-0411 i ... Read more

Published Date: Jan 26, 2025 (2 weeks, 3 days ago)
CVE-2025-0411 CVE-2025-0612 CVE-2025-0611 CVE-2025-21298 CVE-2024-5594 CVE-2024-45387 CVE-2024-54677 CVE-2024-50379 CVE-2024-49415 CVE-2024-38193
  • TheCyberThrone
CVE-2024-53691: PoC Exploit Code Release for QNAP Flaw

CVE-2024-53691 is a severe remote code execution (RCE) vulnerability discovered in QNAP NAS devices. Recently, security researcher c411e released a Proof-of-Concept (PoC) exploit code, underscoring th ... Read more

Published Date: Jan 20, 2025 (3 weeks, 2 days ago)
CVE-2024-7344 CVE-2025-0107 CVE-2024-5594 CVE-2024-52046 CVE-2024-54677 CVE-2024-50379 CVE-2024-53691 CVE-2024-38193
  • TheCyberThrone
CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw

Background:CVE-2025-0107 is a critical OS command injection vulnerability discovered in Palo Alto Networks’ Expedition Tool, version 1.2.101 and earlier. Recently, security researchers released a Proo ... Read more

Published Date: Jan 19, 2025 (3 weeks, 3 days ago)
CVE-2024-7344 CVE-2025-0107 CVE-2024-5594 CVE-2024-52046 CVE-2024-54677 CVE-2024-50379 CVE-2024-44243 CVE-2024-27397
  • TheCyberThrone
CVE-2024-7344 impacts UEFI based systems

CVE-2024-7344 is a critical vulnerability affecting UEFI-based systems. It was discovered by researchers at ESET and involves a bypass of the UEFI Secure Boot mechanism, allowing untrusted code to run ... Read more

Published Date: Jan 18, 2025 (3 weeks, 3 days ago)
CVE-2024-7344 CVE-2025-23082 CVE-2024-5594 CVE-2024-52046 CVE-2024-27397
  • TheCyberThrone
CVE-2025-23082 impacts Veeam Backup for Microsoft Azure

CVE-2025-23082 is a high-severity security vulnerability identified in Veeam Backup for Microsoft Azure, a solution designed to protect workloads running in Microsoft’s Azure cloud environment. This v ... Read more

Published Date: Jan 17, 2025 (3 weeks, 5 days ago)
CVE-2023-37936 CVE-2025-23082 CVE-2024-50603 CVE-2024-5594 CVE-2024-44243 CVE-2024-38193
  • TheCyberThrone
CVE-2023-37936 impacts Fortinet FortiSwitch

CVE-2023-37936 is a critical security vulnerability identified in Fortinet FortiSwitch devices. This vulnerability is particularly severe due to its potential to allow unauthorized code execution, lea ... Read more

Published Date: Jan 16, 2025 (3 weeks, 5 days ago)
CVE-2024-55591 CVE-2023-37936 CVE-2024-12398 CVE-2024-5594 CVE-2024-44243 CVE-2024-47575
  • TheCyberThrone
Ivanti fixes Critical Security Vulnerabilities in EPM

OverviewIvanti has recently addressed multiple critical and high-severity vulnerabilities in its Endpoint Manager (EPM) software. These vulnerabilities could allow unauthorized access, remote code exe ... Read more

Published Date: Jan 16, 2025 (3 weeks, 5 days ago)
CVE-2024-13161 CVE-2024-13160 CVE-2024-13159 CVE-2024-13181 CVE-2024-13180 CVE-2024-13179 CVE-2024-10811 CVE-2024-10630 CVE-2024-55591 CVE-2024-12398 ...+10 more CVE
  • TheCyberThrone
CVE-2024-50603 impacts Aviatrix with Cryptomining

CVE-2024-50603 is a critical security vulnerability identified in the Aviatrix Controller, a cloud networking platform used to manage and secure cloud infrastructure across multiple providers. This vu ... Read more

Published Date: Jan 16, 2025 (3 weeks, 6 days ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-50603 CVE-2024-5594 CVE-2024-44243
  • TheCyberThrone
CVE-2024-44243: macOS SIP Bypass Flaw

CVE-2024-44243 is a critical vulnerability discovered in macOS that allows attackers to bypass Apple’s System Integrity Protection (SIP) by exploiting third-party kernel extensions. This vulnerability ... Read more

Published Date: Jan 15, 2025 (3 weeks, 6 days ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-44243 CVE-2024-49415
  • TheCyberThrone
Google Chrome fixes 16 flaws with the latest version

Google has released version 132.0.6834.83/84 of its Chrome browser on January 14, 2025. This update addresses several critical security vulnerabilities to enhance the browser’s security and stability. ... Read more

Published Date: Jan 15, 2025 (3 weeks, 6 days ago)
CVE-2025-0448 CVE-2025-0447 CVE-2025-0446 CVE-2025-0443 CVE-2025-0442 CVE-2025-0441 CVE-2025-0440 CVE-2025-0439 CVE-2025-0438 CVE-2025-0437 ...+8 more CVE
  • TheCyberThrone
CISA adds Fortinet flaw CVE-2024-55591 to KEV Catalog

CVE-2024-55591 is a critical vulnerability affecting Fortinet’s FortiOS and FortiProxy devices. This vulnerability allows a remote attacker to bypass authentication mechanisms and gain super-admin pri ... Read more

Published Date: Jan 15, 2025 (3 weeks, 6 days ago)
CVE-2024-55591 CVE-2024-12398 CVE-2024-12847 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-49415 CVE-2024-47575
  • TheCyberThrone
Microsoft Patch Tuesday- January 2025

Microsoft released the January 2025 Patch Tuesday updates on January 14, 2025, focusing on addressing critical security vulnerabilities across various Microsoft products. This update cycle includes se ... Read more

Published Date: Jan 15, 2025 (4 weeks ago)
CVE-2025-21395 CVE-2025-21366 CVE-2025-21362 CVE-2025-21354 CVE-2025-21335 CVE-2025-21334 CVE-2025-21333 CVE-2025-21311 CVE-2025-21309 CVE-2025-21308 ...+9 more CVE
  • TheCyberThrone
CVE-2024-12398 impacts Zyxel Devices

CVE-2024-12398 is a critical vulnerability discovered in the web management interface of certain Zyxel devices. This vulnerability allows an authenticated user with limited privileges to escalate thei ... Read more

Published Date: Jan 14, 2025 (4 weeks ago)
CVE-2024-12398 CVE-2024-12847 CVE-2024-5594 CVE-2024-54498 CVE-2024-49415 CVE-2024-11667
  • TheCyberThrone
CISA KEV Catalog Update Part III- January 2025

The US CISA has recently included two significant vulnerabilities, CVE-2024-12686 and CVE-2023-48365, in its Known Exploited Vulnerabilities (KEV) Catalog. This catalog is an essential resource for or ... Read more

Published Date: Jan 14, 2025 (4 weeks, 1 day ago)
CVE-2024-12847 CVE-2024-5594 CVE-2024-12686 CVE-2024-54498 CVE-2024-49415 CVE-2023-48365
  • TheCyberThrone
CVE-2024-54498: Exploit Code Released for macOS Flaw

OverviewCVE-2024-54498 is a critical vulnerability affecting macOS systems, specifically those running versions prior to 2.6.11. This vulnerability, discovered by security researcher @wh1te4ever, invo ... Read more

Published Date: Jan 13, 2025 (4 weeks, 1 day ago)
CVE-2024-5594 CVE-2024-54498 CVE-2024-49415 CVE-2024-38193
  • TheCyberThrone
TheCyberThrone Security Weekly Review – January 11, 2025

Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, January 11, 2025.Redis was affected by CV ... Read more

Published Date: Jan 12, 2025 (4 weeks, 2 days ago)
CVE-2024-12847 CVE-2024-53704 CVE-2024-51741 CVE-2024-46981 CVE-2024-5594 CVE-2024-10957 CVE-2024-12108 CVE-2024-49415 CVE-2024-43405 CVE-2024-38193
  • TheCyberThrone
Chinese MirrorFace APT targets Japan

The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim ... Read more

Published Date: Jan 12, 2025 (4 weeks, 2 days ago)
CVE-2024-12847 CVE-2024-53704 CVE-2024-5594 CVE-2024-49415 CVE-2023-3519 CVE-2023-27997 CVE-2023-28461
  • TheCyberThrone
CVE-2024-5594 impacts OpenVPN

CVE-2024-5594 is a critical vulnerability identified in OpenVPN versions prior to 2.6.11. This vulnerability stems from improper sanitization of PUSH_REPLY messages, which allows attackers to inject u ... Read more

Published Date: Jan 12, 2025 (1 month ago)
CVE-2024-12847 CVE-2024-53704 CVE-2024-5594 CVE-2024-54677 CVE-2024-50379 CVE-2024-49415
  • Cybersecurity News
CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available

HPE Aruba Networking has issued a security advisory addressing multiple command injection vulnerabilities in its 501 Wireless Client Bridge. These flaws, tracked as CVE-2024-54006 and CVE-2024-54007, ... Read more

Published Date: Jan 09, 2025 (1 month ago)
CVE-2024-54007 CVE-2024-54006 CVE-2024-5594 CVE-2024-42509

The following table lists the changes that have been made to the CVE-2024-5594 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jan. 06, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
  • New CVE Received by [email protected]

    Jan. 06, 2025

    Action Type Old Value New Value
    Added Description OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which attackers can use to inject unexpected arbitrary data into third-party executables or plug-ins.
    Added CWE CWE-1287
    Added Reference https://community.openvpn.net/openvpn/wiki/CVE-2024-5594
    Added Reference https://www.mail-archive.com/[email protected]/msg07634.html
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-5594 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-5594 weaknesses.

CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
: