A significant security vulnerability, designated as CVE-2024-13454, has been discovered in the OpenVPN Easy-RSA tool, specifically affecting versions from 3.0.5 to 3.2.0 that utilize OpenSSL 3. This flaw pertains to the incorrect encryption of password-protected Certificate Authority (CA) private keys when using the easyrsa build-ca command. Instead of employing the secureaes-256-cbccipher as intended, Easy-RSA incorrectly defaults to […] The post OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/openvpn-easy-rsa-vulnerability/
