{
  "threat_severity" : "Low",
  "public_date" : "2025-12-03T16:22:35Z",
  "bugzilla" : {
    "description" : "OpenVPN: OpenVPN: Local denial of service vulnerability in interactive service agent",
    "id" : "2418624",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2418624"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-770",
  "details" : [ "Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7_alpha1 through 2.7_rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.", "A flaw was found in OpenVPN. This vulnerability allows a local denial of service via a local authenticated user connecting to the interactive service agent on Windows and triggering an error." ],
  "statement" : "This vulnerability is rated Low for Red Hat. The flaw affects the interactive service agent in OpenVPN on Windows, allowing a local authenticated user to trigger a denial of service. Red Hat's OpenVPN packages are typically deployed on Linux systems and do not include the Windows-specific interactive service agent, therefore No Red Hat products or offerings are affected by this vulnerability.",
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-13751\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-13751\nhttps://community.openvpn.net/Security%20Announcements/CVE-2025-13751\nhttps://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html\nhttps://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.htmlhttps://" ],
  "name" : "CVE-2025-13751",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}