CVE-2024-25728
First published: Sun Feb 11 2024(Updated: )
ExpressVPN before 12.73.0 on Windows, when split tunneling is used, sends DNS requests according to the Windows configuration (e.g., sends them to DNS servers operated by the user's ISP instead of to the ExpressVPN DNS servers), which may allow remote attackers to obtain sensitive information about websites visited by VPN users.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ExpressVPN | >=12.23.1<12.73.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-25728?
The severity of CVE-2024-25728 is considered significant due to potential information leakage.
How do I fix CVE-2024-25728?
To fix CVE-2024-25728, update ExpressVPN to version 12.73.0 or later.
What is the impact of CVE-2024-25728?
The impact of CVE-2024-25728 may include exposure of DNS queries, potentially leading to sensitive information disclosure.
What versions of ExpressVPN are affected by CVE-2024-25728?
Versions of ExpressVPN earlier than 12.73.0 are affected by CVE-2024-25728.
Does CVE-2024-25728 affect all Windows configurations?
Yes, CVE-2024-25728 affects ExpressVPN installations on Windows, specifically when using split tunneling.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/severity
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/expressvpn
- canonical/expressvpn
- version/expressvpn/12.23.1