OpenVPN 3 Linux v20-v24: Local Symlink Ownership Escalation
CVE-2025-3908 Published on May 19, 2025
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory.
Vulnerability Analysis
CVE-2025-3908 is exploitable with local system access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an insecure temporary file Vulnerability?
The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CVE-2025-3908 has been classified to as an insecure temporary file vulnerability or weakness.
Products Associated with CVE-2025-3908
Want to know whenever a new CVE is published for Openvpn3linux? stack.watch will email you.
Affected Versions
OpenVPN 3 Linux:- Version v20, <= v24 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.