FreeBSD: VID-17a40d76-c3fd-11f0-b513-0da7be77c170 (CVE-2025-13086): OpenVPN -- HMAC verification on source IP address ineffective
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Nov 17, 2025 | Dec 10, 2025 | Feb 12, 2026 |
Description
Arne Schwabe reports:

Fix memcmp check for the hmac verification in the 3way handshake being inverted

This is a stupid mistake but causes all hmac cookies to be accepted, thus breaking source IP address validation. As a consequence, TLS sessions can be opened and state can be consumed in the server from IP addresses that did not initiate an initial connection.

While at it, fix check to only allow [t-2;t] timeslots, disallowing HMACs coming in from a future timeslot.
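The failure mode in the report, as an added sketch that is not OpenVPN's code: a cookie check over timeslots [t-2;t] in which misreading the memcmp-style result (nonzero means "different") accepts every cookie. The names `cookie_tag`, `tag_cmp` and `cookie_ok`, the cookie layout and the FNV-1a stand-in for the HMAC are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define TAG_LEN 8

/* Stand-in keyed tag over (key, source IP, timeslot). NOT a real HMAC:
 * FNV-1a is used only to keep this sketch dependency-free. */
static void cookie_tag(const uint8_t key[16], uint32_t ip, uint32_t slot,
                       uint8_t out[TAG_LEN])
{
    uint8_t buf[24];
    uint64_t h = 1469598103934665603ULL;
    memcpy(buf, key, 16);
    memcpy(buf + 16, &ip, 4);
    memcpy(buf + 20, &slot, 4);
    for (size_t i = 0; i < sizeof(buf); i++) { h ^= buf[i]; h *= 1099511628211ULL; }
    memcpy(out, &h, TAG_LEN);
}

/* memcmp-style result: 0 when equal, nonzero when different (no early exit). */
static int tag_cmp(const uint8_t *a, const uint8_t *b)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < TAG_LEN; i++) diff |= a[i] ^ b[i];
    return diff;
}

/* Checks a cookie against timeslots [now-2; now]; future slots are never tried.
 * inverted != 0 models the bug: a nonzero comparison result is taken as a match. */
int cookie_ok(const uint8_t key[16], uint32_t ip, uint32_t now,
              const uint8_t tag[TAG_LEN], int inverted)
{
    uint8_t expect[TAG_LEN];
    for (uint32_t back = 0; back <= 2; back++) {
        cookie_tag(key, ip, now - back, expect);
        int differs = tag_cmp(expect, tag);
        if (inverted ? differs : !differs)
            return 1;
    }
    return 0;
}

int main(void)
{
    const uint8_t key[16] = "constructed-key";  /* constructed sample secret */
    const uint8_t forged[TAG_LEN] = {0};         /* never issued by the server */
    printf("inverted check accepts forged cookie: %d\n", cookie_ok(key, 0xC0000201u, 100, forged, 1));
    printf("corrected check accepts it:           %d\n", cookie_ok(key, 0xC0000201u, 100, forged, 0));
    return 0;
}
```

A regression test for this class of bug needs a negative case (a cookie that must be rejected); a test that only replays valid cookies passes with either polarity.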
Solutions
freebsd-upgrade-package-openvpn
freebsd-upgrade-package-openvpn-devel