CVE-2025-62788
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-11-03
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | to 4.11.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-416 | The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs in Wazuh versions prior to 4.11.0 where the function w_copy_event_for_log() references memory that has already been freed. Specifically, memory initially allocated in OS_CleanMSG() is accessed after being freed, which can lead to corruption of valid data. A compromised agent can exploit this by sending a specially crafted message to the Wazuh manager, potentially compromising the integrity of the application.
How can this vulnerability impact me? :
If exploited, this vulnerability can compromise the integrity of the Wazuh application by corrupting valid data through use of freed memory. An attacker who can send crafted messages to the Wazuh manager may leverage this to disrupt or manipulate the application's behavior, potentially leading to security breaches or unreliable threat detection and response.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Wazuh to version 4.11.0 or later, as this vulnerability is fixed in that version.