CVE-2025-62792
BaseFortify
Publication date: 2025-10-29
Last updated on: 2025-11-03
Assigner: GitHub, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | < 4.12.0 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-170 | The product does not terminate or incorrectly terminates a string or array with a null character or equivalent terminator. |
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a buffer over-read in Wazuh versions prior to 4.12.0. It occurs because a buffer is not properly NULL terminated during allocation, leading to strlen() reading beyond the intended buffer boundary. A compromised agent can send a specially crafted message to the Wazuh manager, causing it to read beyond the allocated buffer and potentially access sensitive information.
How can this vulnerability impact me?
If exploited, this vulnerability allows an attacker who can send messages to the Wazuh manager to cause a buffer over-read, potentially exposing sensitive data contained in memory beyond the intended buffer. This could lead to unauthorized access to sensitive information.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in Wazuh version 4.12.0. To mitigate this vulnerability, you should upgrade your Wazuh installation to version 4.12.0 or later.
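The root cause described in the Q&A above (a buffer allocated to the payload length only, with no byte reserved for the terminator, later measured with `strlen()`) is a generic C pattern. The following is an added, illustrative example and not Wazuh's code: `copy_payload_unterminated`, `copy_payload_terminated`, `has_terminator`, `bounded_len` and the constructed `SAMPLE_MSG` are all hypothetical names. It places the weak allocation beside the hardened one and uses `memchr`, which never reads past the stated capacity, as the probe a reviewer or test can run in place of `strlen()`.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample payload (not from the advisory): a message body that
 * arrives with an explicit length field and carries no terminator byte. */
static const unsigned char SAMPLE_MSG[] = { 'a', 'g', 'e', 'n', 't', ':', '0', '0', '7' };
#define SAMPLE_LEN (sizeof SAMPLE_MSG)

/* Weak pattern (illustrative): the buffer is sized to the payload only, so no
 * byte is reserved for the terminator. A later strlen() on it walks past the
 * allocation until it happens to meet a zero byte (CWE-170 leading to CWE-126). */
char *copy_payload_unterminated(const unsigned char *msg, size_t len, size_t *cap_out) {
    char *buf = malloc(len);
    if (!buf) return NULL;
    memcpy(buf, msg, len);
    *cap_out = len;
    return buf;
}

/* Hardened pattern: reserve one extra byte, write the terminator explicitly,
 * and refuse a length whose +1 would wrap. */
char *copy_payload_terminated(const unsigned char *msg, size_t len, size_t *cap_out) {
    if (len == SIZE_MAX) return NULL;
    char *buf = malloc(len + 1);
    if (!buf) return NULL;
    memcpy(buf, msg, len);
    buf[len] = '\0';
    *cap_out = len + 1;
    return buf;
}

/* Is there a NUL within the first cap bytes? memchr() is bounded by cap, so it
 * is a safe way to ask the question strlen() would answer by over-reading. */
int has_terminator(const char *buf, size_t cap) {
    return memchr(buf, '\0', cap) != NULL;
}

/* Bounded length, equivalent to strnlen(): never reads beyond cap bytes. */
size_t bounded_len(const char *buf, size_t cap) {
    const char *p = memchr(buf, '\0', cap);
    return p ? (size_t)(p - buf) : cap;
}

/* Returns 1 if the weak copy indeed lacks a terminator inside its allocation. */
int check_unterminated(void) {
    size_t cap = 0;
    char *buf = copy_payload_unterminated(SAMPLE_MSG, SAMPLE_LEN, &cap);
    if (!buf) return 0;
    int missing = !has_terminator(buf, cap);
    free(buf);
    return missing;
}

/* Returns 1 if the hardened copy is terminated and strlen() agrees with the payload length. */
int check_terminated(void) {
    size_t cap = 0;
    char *buf = copy_payload_terminated(SAMPLE_MSG, SAMPLE_LEN, &cap);
    if (!buf) return 0;
    int ok = has_terminator(buf, cap) && strlen(buf) == SAMPLE_LEN;
    free(buf);
    return ok;
}

int main(void) {
    printf("weak copy lacks terminator: %s\n", check_unterminated() ? "yes" : "no");
    printf("hardened copy terminated:   %s\n", check_terminated() ? "yes" : "no");
    return 0;
}
```

The defensive takeaway is twofold: when a length comes from the wire, allocate `len + 1` and write the NUL yourself, and in any code path that cannot prove a terminator exists, measure with a bounded routine (`memchr`, `strnlen`) rather than `strlen()`.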