CVE-2025-62785
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-11-03
Assigner: GitHub, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | up to 4.10.2 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
| CWE-252 | The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. |
AI Powered Q&A
How can this vulnerability impact me?
An attacker who can send a crafted message to the Wazuh manager can cause the analysisd process to crash, making it unavailable. This can disrupt threat detection and response capabilities, potentially leaving systems unmonitored and vulnerable to further attacks.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in Wazuh version 4.10.2. Upgrade your Wazuh manager to version 4.10.2 or later to prevent crashes caused by specially crafted agent messages.
Can you explain this vulnerability to me?
This vulnerability in Wazuh occurs because the fillData() function does not check if a value is NULL before calling os_strdup() on it. As a result, a compromised agent can send a specially crafted message to the Wazuh manager that causes the analysisd process to crash, leading to a denial of service.
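The unchecked-copy pattern described above, as an added example that is not Wazuh's code: the struct, function names and sample messages are hypothetical, and `dup_str` stands in for a strdup-style wrapper such as os_strdup(). It contrasts the unchecked copy (CWE-252 leading to CWE-476) with a version that treats a missing field as a parse error.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for illustration; none of these names are Wazuh's. */
struct field { const char *key; const char *value; };

/* strdup-style copy (stand-in for a wrapper such as os_strdup):
 * like strdup(), it dereferences src, so src must not be NULL. */
static char *dup_str(const char *src) {
    size_t len = strlen(src) + 1;
    char *copy = malloc(len);
    return copy ? memcpy(copy, src, len) : NULL;
}

/* Returns the value stored under key, or NULL if the message lacks it. */
static const char *get_field(const struct field *msg, size_t n, const char *key) {
    for (size_t i = 0; i < n; i++)
        if (strcmp(msg[i].key, key) == 0)
            return msg[i].value;
    return NULL;
}

/* CWE-252 leading to CWE-476: the lookup result is copied unchecked, so a
 * message without the field crashes the process. Shown for contrast only. */
char *copy_field_unchecked(const struct field *msg, size_t n, const char *key) {
    return dup_str(get_field(msg, n, key));
}

/* Hardened: a missing field is a parse error, not a crash.
 * Returns 0 and sets *out on success, -1 (with *out == NULL) otherwise. */
int copy_field_checked(const struct field *msg, size_t n, const char *key, char **out) {
    const char *value = get_field(msg, n, key);
    *out = NULL;
    if (value == NULL) return -1;
    *out = dup_str(value);
    return *out ? 0 : -1;
}

/* Constructed sample messages: the second one omits the "path" field. */
static const struct field complete_msg[] = { {"type", "event"}, {"path", "/tmp/a"} };
static const struct field crafted_msg[]  = { {"type", "event"} };
int main(void) {
    char *out;
    printf("complete: %d\n", copy_field_checked(complete_msg, 2, "path", &out));
    free(out);
    printf("missing field: %d\n", copy_field_checked(crafted_msg, 1, "path", &out));
    return 0;
}
```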