ICN discovered a CVSS 9.8 vulnerability in a widely-deployed VPN solution. Patches available — apply immediately.