What the vulnerability does

01Description

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3

Key dates

02Disclosure timeline

January 20, 2025 CVE published
January 21, 2025 Record updated