CVE-2023-46850: OpenVPN Access Server Flaw Exposes Sensitive Data, RCE Possible

OpenVPN Access Server, a popular open-source VPN solution, has been patched to address two vulnerabilities that could allow attackers to gain unauthorized access to sensitive information.
OpenVPN Access Server 是一种流行的开源 VPN 解决方案，已修补以解决两个漏洞，这两个漏洞可能允许攻击者未经授权访问敏感信息。

The vulnerabilities, CVE-2023-46849 and CVE-2023-46850, affect OpenVPN Access Server versions 2.11.0, 2.11.1, 2.11.2, 2.11.3, 2.12.0, and 2.12.1. These versions contain a copy of OpenVPN 2.6 that has two vulnerabilities in it:
CVE-2023-46849 和 CVE-2023-46850 漏洞影响 OpenVPN Access Server 版本 2.11.0、2.11.1、2.11.2、2.11.3、2.12.0 和 2.12.1。这些版本包含 OpenVPN 2.6 的副本，其中包含两个漏洞：

CVE-2023-46849: Division by Zero Crash
CVE-2023-46849：除以零崩溃

The first vulnerability, CVE-2023-46849, is a division by zero crash that can occur when the OpenVPN Access Server is configured with the –fragment option enabled. While this configuration is not part of the default setup, some users may have explicitly enabled it. If exploited, this vulnerability could potentially crash the OpenVPN Access Server, disrupting VPN connectivity and potentially exposing sensitive data.
第一个漏洞 CVE-2023-46849 是 OpenVPN 访问服务器配置了 –fragment 选项时可能发生的除以零崩溃。虽然此配置不是默认设置的一部分，但某些用户可能已明确启用它。如果被利用，此漏洞可能会使 OpenVPN 访问服务器崩溃，从而中断 VPN 连接并可能暴露敏感数据。

CVE-2023-46850: Use-After-Free Memory Security Issue
CVE-2023-46850：释放后使用内存安全问题CVE-2023-46850： Use-after-Re-Free Memory Security Issue

The second vulnerability, CVE-2023-46850, is a more severe use-after-free memory security issue that could allow attackers to leak sensitive information from the OpenVPN Access Server’s memory. In extreme cases, this vulnerability could also potentially lead to remote code execution, enabling attackers to take control of the affected server.
第二个漏洞 CVE-2023-46850 是一个更严重的释放后使用内存安全问题，可能允许攻击者从 OpenVPN 访问服务器的内存中泄露敏感信息。在极端情况下，此漏洞还可能导致远程代码执行，使攻击者能够控制受影响的服务器。

“OpenVPN 2.6 from v2.6.0 up to and including v.2.6.6 incorrectly use a send buffer after it has been free()d in some circumstances, causing some free()d memory to be sent to the peer. All configurations using TLS (e.g. not using –secret) are affected by this issue,” read the security advisory.
“OpenVPN 2.6 从 v2.6.0 到 v.2.6.6 在某些情况下，在 free（）d 之后错误地使用发送缓冲区，导致一些 free（）d 内存被发送到对等方。所有使用 TLS 的配置（例如不使用 –secret）都会受到此问题的影响，“阅读安全公告。

Immediate Upgrade to OpenVPN Access Server 2.12.2
立即升级到 OpenVPN Access Server 2.12.2

To mitigate these critical vulnerabilities, OpenVPN has released version 2.12.2 of OpenVPN Access Server, which incorporates the newly released OpenVPN 2.6.7 that addresses both vulnerabilities. All users of OpenVPN Access Server versions 2.11.0, 2.11.1, 2.11.2, 2.11.3, 2.12.0, or 2.12.1 are strongly urged to upgrade to version 2.12.2 immediately to protect their systems from potential exploitation.
为了缓解这些严重漏洞，OpenVPN 发布了 OpenVPN Access Server 2.12.2 版本，其中包含了新发布的 OpenVPN 2.6.7，可解决这两个漏洞。强烈建议OpenVPN Access Server版本2.11.0,2.11.1,2.11.2,2.11.3,2.12.0或2.12.1的所有用户立即升级到版本2.12.2，以保护其系统免受潜在利用。

Protecting Your VPN Security
保护您的 VPN 安全

In addition to upgrading to the latest version of OpenVPN Access Server, it is crucial to implement additional security measures to safeguard your VPN infrastructure:
除了升级到最新版本的 OpenVPN Access Server 外，实施额外的安全措施来保护您的 VPN 基础设施也至关重要：

1. Regularly Update Software: Keep your VPN software and operating system up to date with the latest security patches.
   定期更新软件：使用最新的安全补丁使您的 VPN 软件和操作系统保持最新状态。

2. Strong Password Enforced: Enforce strong password policies for all VPN users, including minimum password length, complexity requirements, and regular password changes.
   强制执行强密码：对所有 VPN 用户强制执行强密码策略，包括最小密码长度、复杂性要求和定期更改密码。

3. Two-Factor Authentication: Implement two-factor authentication (2FA) for an additional layer of security when accessing the VPN.
   双因素身份验证：在访问 VPN 时实施双因素身份验证 （2FA） 以获得额外的安全层。

4. VPN Access Restrictions: Restrict VPN access to authorized users and devices, limiting access to only those who genuinely require it.
   VPN 访问限制：将 VPN 访问限制为授权用户和设备，将访问权限限制为仅真正需要它的用户和设备。

5. Network Monitoring: Continuously monitor your VPN network for suspicious activity or unauthorized access attempts.
   网络监控：持续监控您的 VPN 网络，以发现可疑活动或未经授权的访问尝试。

原文始发于DO SON：CVE-2023-46850: OpenVPN Access Server Flaw Exposes Sensitive Data, RCE Possible