CVE-2019-14899 — Channel Accessible by Non-Endpoint in Apple Macos Catalina 10.15.6 Security Update 2020-004 Mojave Security Update 2020-004
Severity
7.4HIGHNVD
EPSS
0.1%
top 84.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 11
Latest updateMay 24
Description
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
CVSS vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 1.5 | Impact: 5.9
Affected Packages9 packages
🔴Vulnerability Details
2GHSA▶
GHSA-rwr5-xr2c-7wc8: A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to deter↗2022-05-24
OSV▶
CVE-2019-14899: A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to deter↗2019-12-11
📋Vendor Advisories
4📄Research Papers
1arXiv▶
Well Begun is Half Done: An Empirical Study of Exploitability & Impact of Base-Image Vulnerabilities↗2021-12-21
💬Community
8Bugzilla▶
CVE-2019-14899 openvpn: ike: an attacker can inject data into the TCP stream which allows a hijack of active connections inside the VPN tunnel [epel-all]↗2019-12-06
Bugzilla▶
CVE-2019-14899 ike: openvpn: ike: an attacker can inject data into the TCP stream which allows a hijack of active connections inside the VPN tunnel [epel-6]↗2019-12-06
Bugzilla▶
CVE-2019-14899 openvpn: ike: an attacker can inject data into the TCP stream which allows a hijack of active connections inside the VPN tunnel [fedora-all]↗2019-12-06