A significant security vulnerability, designated as CVE-2024-13454, has been discovered in the OpenVPN Easy-RSA tool, specifically affecting versions from 3.0.5 to 3.2.0 that utilize OpenSSL 3. This flaw pertains to the incorrect encryption of password-protected Certificate Authority (CA) private keys when using the easyrsa build-ca command. Instead of employing the secure aes-256-cbc cipher as intended, Easy-RSA incorrectly defaults to […]
The post OpenVPN Easy-rsa Vulnerability Allows Attacker to Bruteforce Private CA key appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
This article has been indexed from GBHackers Security | #1 Globally Trusted Cyber Security News Platform