CVE-2025-59938
BaseFortify
Publication date: 2025-09-27
Last updated on: 2025-10-16
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | From 3.8.0 (inc) to 4.11.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-122 | A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc(). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a heap buffer overflow in the wazuh-analysisd component of Wazuh, which occurs when parsing XML elements from Windows EventChannel messages. It affects versions from 3.8.0 up to but not including 4.11.0 and has been fixed in version 4.11.0.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade Wazuh to version 4.11.0 or later, where the heap buffer overflow issue in wazuh-analysisd has been patched.
How can this vulnerability impact me? :
The vulnerability can cause a denial of service by crashing the wazuh-analysisd process due to a heap buffer overflow. According to the CVSS score, it does not impact confidentiality or integrity but can impact availability.