Critical OpenVPN Driver Vulnerability Allows Attackers to Crash Windows Systems cybersecuritynews.com/openvpn-d…

A critical buffer overflow vulnerability in OpenVPN’s data channel offload driver for Windows has been discovered, allowing local attackers to crash Windows systems by sending maliciously crafted control messages.

The vulnerability, identified as CVE-2025-50054, affects the ovpn-dco-win driver versions 1.3.0 and earlier, as well as version 2.5.8 and earlier, which has been the default virtual network adapter in OpenVPN since version 2.6.