tinc VPN Authentication Bypass and Meta Message Tampering

Product tinc VPN
Severity High
CVE Reference CVE-2018-16737, CVE-2018-16738, CVE-2018-16758
Type Cryptographic Protocol Flaws


tinc is a piece of software used to create Virtual Private Networks (VPNs).

Attackers in a position to Man in the Middle (MitM) traffic can bypass the authentication scheme, due to a lack of authenticity verification combined with a decryption oracle, and can also modify meta-messages. Meta-messages are used to manage the VPN network itself; for example, they negotiate new keys, authenticate new nodes or change the network structure. They do not carry any of the data that is transported over the VPN.


Attackers can remotely bypass the authentication protocol, allowing them to replace other nodes with themselves (CVE-2018-16737 and CVE-2018-16738), and meta-messages may be modified in transit (CVE-2018-16758).


The authenticity of meta-messages is never verified, so maliciously modified or replayed meta-messages cannot be detected. In addition, a decryption oracle for authentication challenges was found.
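
The following is an added illustration, not tinc's code or its actual meta-message format, of why an encrypted but unauthenticated control message can be altered in transit without detection, and how an encrypt-then-MAC check rejects the same alteration. The keystream construction, keys, nonce and the SET_ROUTE message are constructed for the demo.

```python
import hashlib
import hmac

ENC_KEY = b"demo-encryption-key"  # constructed demo keys, not real secrets
MAC_KEY = b"demo-mac-key"
NONCE = b"\x00" * 12              # fixed so the demo is reproducible; never reuse in practice

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy CTR-style keystream (HMAC-SHA256 as PRF) standing in for any XOR mode (CTR/OFB)."""
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), hashlib.sha256).digest()
        block += 1
    return out[:length]

def encrypt(plaintext: bytes) -> bytes:
    ks = keystream(ENC_KEY, NONCE, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))
decrypt = encrypt  # XOR is its own inverse

def modify_in_transit(ciphertext: bytes, original: bytes, desired: bytes) -> bytes:
    """Simulate a MitM who knows the original plaintext; no key is needed to change it."""
    return bytes(c ^ o ^ d for c, o, d in zip(ciphertext, original, desired))

def seal(plaintext: bytes) -> bytes:
    """Hardened form: encrypt-then-MAC, with the tag covering nonce and ciphertext."""
    ct = encrypt(plaintext)
    return ct + hmac.new(MAC_KEY, NONCE + ct, hashlib.sha256).digest()

def open_sealed(blob: bytes) -> bytes:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(MAC_KEY, NONCE + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("meta-message authentication failed")
    return decrypt(ct)
ORIGINAL = b"SET_ROUTE peer2 10.0.0.2/32"  # constructed control message
ALTERED = b"SET_ROUTE peer2 10.0.0.9/32"   # same length, one octet changed

def unauthenticated_receiver() -> bytes:
    """Without a MAC the receiver decrypts and acts on the altered message."""
    return decrypt(modify_in_transit(encrypt(ORIGINAL), ORIGINAL, ALTERED))

def authenticated_receiver() -> bool:
    """With encrypt-then-MAC the same change is rejected; returns True if detected."""
    blob = seal(ORIGINAL)
    forged = modify_in_transit(blob[:-32], ORIGINAL, ALTERED) + blob[-32:]
    try:
        open_sealed(forged)
    except ValueError:
        return True
    return False
```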

Interim Workaround

Upgrading to a version later than 1.0.30 limits how much of a meta-message an attacker can modify, because a different cipher mode is used, and also significantly increases the complexity of successfully bypassing the authentication scheme. Setting the ping timeout to a low value also makes a successful bypass of the authentication more difficult, as the attack has to be completed within the timeout window and involves sending a large number of messages, which took multiple seconds on a test system.


Apply the vendor-supplied patch for the issue.

Technical Details

Please refer to the attached advisory.

Detailed Timeline

Date Summary
2018-09-06 Issue reported to vendor
2018-09-09 CVE-2018-16737, CVE-2018-16738 and CVE-2018-16758 assigned
2018-10-08 Patch released
2018-10-24 Advisory published

Further Information