Detections
Analytics
OpenVPN 2.7.0_beta3 < 2.7.0_I017 Buffer Overflow (Windows)
medium Nessus Plugin ID 300078
Synopsis
An application on the remote Windows host is affected by buffer overflow vulnerability.Description
According to its self-reported version number, the version of OpenVPN installed on the remote Windows host is affected by buffer overflow vulnerability:- The ovpn-dco-win version 2.8.0 has a flaw which appears when connecting to an OpenVPN 2.7.0 server, or other implementations with data epoch keys support. This moved the AEAD tag towards the end of the encrypted packet. In the ovpn-dco-win version 2.8.0, the calculated buffer length did not account for the needed buffer overhead to add the AEAD tag, which resulted in a buffer overflow. The ovpn-dco-win version 2.8.0 was shipped with OpenVPN version 2.7_beta3 through 2.7.0_I016. The OpenVPN 2.7.0_I017 Windows installer provides ovpn-dco-win version 2.8.2 which resolves this issue. (CVE-2026-2738)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
See vendor advisory.See Also
Plugin Details
Severity: Medium
ID: 300078
File Name: openvpn_CVE-2026-2738.nasl
Version: 1.1
Type: local
Agent: windows
Family: Windows
Published: 2/27/2026
Updated: 2/27/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Medium
Base Score: 4
Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C
CVSS Score Source: CVE-2026-2738
CVSS v3
Risk Factor: Medium
Base Score: 4.7
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS v4
Risk Factor: Medium
Base Score: 6.8
Threat Score: 5.6
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
CVSS Score Source: CVE-2026-2738
Vulnerability Information
CPE: cpe:/a:openvpn:openvpn
Required KB Items: installed_sw/OpenVPN Server
Patch Publication Date: 2/19/2026
Vulnerability Publication Date: 2/19/2026
Reference Information
CVE: CVE-2026-2738
IAVA: 2026-A-0176