Vulnerability Name Microsoft Smart VPN 1.1.3.0 Denial of Service via Search Vulnerability Overview Vulnerability Type: Denial of Service (DoS) Vulnerability ID: CVE-2024-25238 Description: Microsoft Smart VPN 1.1.3.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input through the search interface. Specifically, attackers can input over 250 characters into the top right search bar to trigger an unhandled exception that crashes the application. Impact Scope Affected Software: Microsoft Smart VPN Affected Version: 1.1.3.0 Affected Component: Search functionality Remediation No specific remediation or patch information is provided on the page (the Remediation section is empty). POC/Exploit Code No specific code block is provided on the page. The exploitation method involves inputting over 250 characters into the search bar.