OpenVPN Connect Vulnerability Let Attackers Access Users’ Private Keys

A critical vulnerability, CVE-2024-8474, in OpenVPN Connect allows attackers to access users’ private keys, potentially compromising VPN traffic. The vulnerability, affecting all versions prior to 3.5.0, stems from improper handling of sensitive information within the application logs. Users are advised to update their software and implement security measures to mitigate the risk of exploitation.