CVE-2020-11810

LOW | CVSS 3.7/10 | EPSS 1.61%

CVE-2020-11810 is a low-severity vulnerability rated 3.7/10 on the CVSS scale. An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. EPSS estimates a 1.61% chance of exploitation in the next 30 days.

Description

An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.

Metrics

CVSS 3.1: 3.7/10
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Probability: 1.61% (72.8th percentile)
Probability of exploitation in the next 30 days.

Affected Software

Vendor | Product | Versions
Openvpn | Openvpn | >= 2.4.0, < 2.4.9
Debian | Debian Linux | 8.0
Debian | Debian Linux | 9.0
Debian | Debian Linux | 10.0
Fedoraproject | Fedora | 30
Fedoraproject | Fedora | 32

References

Timeline

Status: Modified

Frequently Asked Questions

What is CVE-2020-11810?
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.

How severe is CVE-2020-11810?
CVE-2020-11810 has a CVSS score of 3.7/10 (LOW severity). The EPSS model estimates a 1.61% probability of exploitation in the next 30 days.

How do I fix CVE-2020-11810?
The affected range is OpenVPN 2.4.0 up to, but not including, 2.4.9, so a release of 2.4.9 or later is outside it. Check the vendor references and advisories for patched versions and mitigation guidance, including the packages shipped by the affected Debian and Fedora releases.

Source: NVD / NIST