CVE-2013-2061

low

Published 2013-11-18 · Modified 2026-04-29

CVSS v3

—

CVSS v2

2.6

VIR risk

2.6

Description

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2013-2061

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — http://lists.opensuse.org/opensuse-updates/2013-11/msg00012.html

OS impact

OS	Version	Status	Fixed in
suse	11.4	affected
debian	bookworm	fixed	`2.3.1-1`
debian	bullseye	fixed	`2.3.1-1`
debian	forky	fixed	`2.3.1-1`
debian	sid	fixed	`2.3.1-1`
debian	trixie	fixed	`2.3.1-1`

Application impact

Vendor	Product	Versions
openvpn	openvpn	`{"endIncluding":"2.3.0"}`
openvpn	openvpn	`1.2.0`
openvpn	openvpn	`1.2.1`
openvpn	openvpn	`1.3.0`
openvpn	openvpn	`1.3.1`
openvpn	openvpn	`1.3.2`
openvpn	openvpn	`1.4.0`
openvpn	openvpn	`1.4.1`
openvpn	openvpn	`1.4.2`
openvpn	openvpn	`1.4.3`
openvpn	openvpn	`1.5.0`
openvpn	openvpn	`1.6.0`
openvpn	openvpn	`2.1.0`
openvpn	openvpn	`2.2.0`
openvpn	openvpn_access_server	`2.0.0`

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.