CVE-2025-62791
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-11-03
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | to 4.11.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
| CWE-252 | The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Wazuh versions prior to 4.11.0 where the DecodeCiscat() function does not properly check if cJSON_GetObjectItem() returns NULL. A compromised agent can exploit this by sending a specially crafted message to the Wazuh manager, causing the analysisd process to crash and become unavailable.
How can this vulnerability impact me? :
An attacker who can send a crafted agent message to the Wazuh manager can cause the analysisd service to crash, leading to denial of service by making the analysisd process unavailable.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Wazuh to version 4.11.0 or later, as this version contains the fix for the vulnerability that causes analysisd to crash when processing specially crafted messages from a compromised agent.