CVE-2023-35838
low-risk
Published 2023-08-09
The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into blocking IP traffic to selected IP addresses and services even while the VPN is enabled. NOTE: the tunnelcrack.mathyvanhoef.com website uses this CVE ID to refer more generally to "LocalNet attack resulting in the blocking of traffic" rather than to only WireGuard.
Do I need to act?
-
0.05% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.7/10
Medium
ADJACENT_NETWORK
/ LOW complexity
Affected Products (1)
Wireguard
Affected Vendors
References (6)
Product
https://wireguard.com
Product
https://wireguard.com
24
/ 100
low-risk
Severity
19/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal