OPNsense Forum

English Forums => 25.1, 25.4 Series => Topic started by: Ametite on May 29, 2025, 09:34:17 AM

Title: CVE-2025-32801 - Kea DHCP 2.6.x (x< 3)
Post by: Ametite on May 29, 2025, 09:34:17 AM
Good morning, everyone. I apologize if this is not the correct section; I'm relatively new here.
This morning, I received a CVE report from our cybersecurity agency regarding a CVE on Kea DHCP. I checked the packet version in OPNsense, and it appears to be affected in the latest available version of OPNsense.

https://www.acn.gov.it/portale/en/w/aggiornamenti-di-sicurezza-per-prodotti-isc

https://www.cve.org/CVERecord?id=CVE-2025-32801

This is just a report :)
Title: Re: CVE-2025-32801 - Kea DHCP 2.6.x (x< 3)
Post by: elenagilbert on September 24, 2025, 05:58:52 PM
Quote from: Ametite on May 29, 2025, 09:34:17 AM
Good morning, everyone. I apologize if this is not the correct section; I'm relatively new here.
This morning, I received a CVE report from our cybersecurity agency regarding a CVE on Kea DHCP. I checked the packet version in OPNsense, and it appears to be affected in the latest available version of OPNsense.

https://www.acn.gov.it/portale/en/w/aggiornamenti-di-sicurezza-per-prodotti-isc

https://www.cve.org/CVERecord?id=CVE-2025-32801

This is just a report :)
Thanks for sharing! I have reviewed this CVE and found that the current Kea DHCP version on OPNsense is affected. Luckily, this is just a report, so we can still plan to patch soon. Has anyone tried to update or have a workaround?
Title: Re: CVE-2025-32801 - Kea DHCP 2.6.x (x< 3)
Post by: Patrick M. Hausen on September 24, 2025, 06:02:36 PM
It's a firewall appliance. Nobody who is not already a firewall administrator has access to Kea configuration or API. This CVE is irrelevant in our context.