CVE - CVE-2019-14899

CVE-ID
CVE-2019-14899	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:20200717 APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 URL:http://seclists.org/fulldisclosure/2020/Jul/23 MISC:20200717 APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra URL:http://seclists.org/fulldisclosure/2020/Jul/24 MISC:20200717 APPLE-SA-2020-07-15-3 tvOS 13.4.8 URL:http://seclists.org/fulldisclosure/2020/Jul/25 MISC:20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 URL:http://seclists.org/fulldisclosure/2020/Nov/20 MISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 URL:http://seclists.org/fulldisclosure/2020/Dec/32 MISC:[oss-security] 20200813 Blind in/on-path attacks against VPN-tunneled connections (CVE-2019-14899 follow-up) URL:http://www.openwall.com/lists/oss-security/2020/08/13/2 MISC:[oss-security] 20201007 Re: [CVE-2019-14899] Inferring and hijacking VPN-tunneled TCP connections. URL:http://www.openwall.com/lists/oss-security/2020/10/07/3 MISC:[oss-security] 20210704 Re: Blind in/on-path attacks against VPN-tunneled connections (CVE-2019-14899 follow-up) URL:http://www.openwall.com/lists/oss-security/2021/07/05/1 MISC:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899 URL:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14899 MISC:https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/ URL:https://openvpn.net/security-advisory/no-flaws-found-in-openvpn-software/ MISC:https://support.apple.com/kb/HT211288 URL:https://support.apple.com/kb/HT211288 MISC:https://support.apple.com/kb/HT211289 URL:https://support.apple.com/kb/HT211289 MISC:https://support.apple.com/kb/HT211290 URL:https://support.apple.com/kb/HT211290 MISC:https://support.apple.com/kb/HT211850 URL:https://support.apple.com/kb/HT211850 MISC:https://support.apple.com/kb/HT211931 URL:https://support.apple.com/kb/HT211931
Assigning CNA
Red Hat, Inc.
Date Record Created
20190810	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20190810)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE™ List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2025, The MITRE Corporation. CVE is a trademark and the CVE logo is a registered trademark of The MITRE Corporation.