PT-2025-43935 · Thegreenbow · Thegreenbow Vpn

Published: 2025-10-27 · Updated: 2025-10-27

CVE-2025-11955

CVSS v4.0: 8.2 (High)

Vector: AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

TheGreenBow VPN versions 7.5 through 7.6

Description

The software does not properly validate OCSP certificates. During the IKEv2 authentication process, the VPN client establishes a tunnel even if an OCSP response is not received or if the OCSP response signature is invalid. OCSP (Online Certificate Status Protocol) is a protocol used to determine the revocation status of digital certificates. IKEv2 (Internet Key Exchange version 2) is a protocol used to set up a security association in the Internet Protocol Security (IPsec) protocol suite.

Recommendations

Update TheGreenBow VPN to a version newer than 7.6.
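
The fail-open behaviour in the description, set beside a fail-closed policy, as an added example that is not TheGreenBow's code or part of the original advisory. OcspResult, both policy functions and the sample outcomes are hypothetical and constructed for illustration; how the client treats a correctly signed response is an assumption.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class CertStatus(Enum):          # certStatus values defined by OCSP (RFC 6960)
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"


@dataclass(frozen=True)
class OcspResult:
    """Outcome of one OCSP lookup for the peer certificate (hypothetical model)."""
    received: bool                       # False: no response arrived
    signature_valid: bool = False        # response signature verified
    status: Optional[CertStatus] = None  # trustworthy only if the signature verified


def allow_tunnel_fail_open(r: OcspResult) -> bool:
    """Models the described flaw: a missing or badly signed response is ignored."""
    if not r.received or not r.signature_valid:
        return True                      # tunnel is established anyway
    return r.status is CertStatus.GOOD   # assumption: signed answers are honoured


def allow_tunnel_fail_closed(r: OcspResult) -> bool:
    """Hardened policy: only a received, correctly signed 'good' answer passes."""
    return r.received and r.signature_valid and r.status is CertStatus.GOOD


# Constructed sample outcomes, not captured from a real client.
SAMPLES = {
    "no_response": OcspResult(received=False),
    "bad_signature_good": OcspResult(True, False, CertStatus.GOOD),
    "signed_unknown": OcspResult(True, True, CertStatus.UNKNOWN),
    "signed_revoked": OcspResult(True, True, CertStatus.REVOKED),
    "signed_good": OcspResult(True, True, CertStatus.GOOD),
}


def policy_gaps() -> list[str]:
    """Outcomes the fail-open policy admits but the fail-closed policy rejects."""
    return [name for name, r in SAMPLES.items()
            if allow_tunnel_fail_open(r) and not allow_tunnel_fail_closed(r)]


if __name__ == "__main__":
    print(policy_gaps())
```

The two outcomes returned by policy_gaps() are the two conditions named in the description: no OCSP response, and a response whose signature does not verify.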

Related Identifiers: CVE-2025-11955

Affected Products: Thegreenbow Vpn