CVSS Score of 10 (low)


Published Oct 12, 2023
Updated: Oct 18, 2023
CWE ID 300


CVE-2023-32634 is an authentication bypass vulnerability in SoftEther VPN versions 5.01.9674 and 4.41-9782-beta. This vulnerability can be triggered by a local man-in-the-middle attack. The affected products are tzul2R and tzul2Y. The potential danger posed to an organization is high, with a base severity rating of "HIGH" and impacts including high integrity and confidentiality impact. To remediate this vulnerability, users should update their SoftEther VPN software to the latest version available.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-32634 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options