CVE-2025-62789
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-11-03
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | to 4.11.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
| CWE-252 | The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Wazuh versions prior to 4.11.0 where the fim_alert() function does not properly check if the return value of ctime_r is NULL before calling strdup() on it. A compromised agent can send a specially crafted message to the Wazuh manager, causing the analysisd process to crash and become unavailable.
How can this vulnerability impact me? :
An attacker who can send a crafted message to the Wazuh manager can cause the analysisd process to crash, leading to denial of service by making the analysisd component unavailable. This disrupts threat detection and response capabilities.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Wazuh to version 4.11.0 or later, as this version contains the fix for the vulnerability that causes analysisd to crash when processing specially crafted agent messages.