Skip to main content

Mondoo

Vulnerability Management
Technology
Services

Solutions

Financial Services
Manufacturing
Healthcare

Resources

Blog
Vulnerability Database
Documentation
GitHub

Company

About
Careers
Partners
Contact

Legal

Privacy
Terms
Imprint

© 2026 Mondoo, Inc.

Log in Get Assessment

Vulnerability IntelligenceCVE-2023-32275

CVE-2023-32275

MEDIUM5.5

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4

Published Oct 12, 2023

Modified 6 months ago

Details

An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753

https://www.cve.org/CVERecord?id=CVE-2023-32275

https://www.softether.org/9-about/News/904-SEVPN202301

https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1753

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weakness Type (CWE)

Other

Ecosystems

Timeline

PublishedOct 12, 2023

ModifiedNov 4, 2025

CVE-2023-32275 | Mondoo Vulnerability Intelligence