CVE-2025-54866
BaseFortify
Publication date: 2025-11-21
Last updated on: 2025-12-02
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wazuh | wazuh | From 4.3.0 (inc) to 4.13.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-276 | During installation, installed file permissions are set to allow anyone to modify those files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Wazuh versions from 4.3.0 to before 4.13.0 is due to a missing Access Control List (ACL) on the file "C:\Program Files (x86)\ossec-agent\authd.pass". Because of this, the password stored in this file is exposed to all "Authenticated Users" on the local machine, potentially allowing unauthorized access. The issue was fixed in version 4.13.0.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized local users gaining access to the password stored in the authd.pass file, which may allow them to escalate privileges or compromise the security of the Wazuh agent on the machine. This could undermine the threat prevention, detection, and response capabilities of the platform.
What immediate steps should I take to mitigate this vulnerability?
Upgrade Wazuh to version 4.13.0 or later, where the missing ACL issue on "C:\Program Files (x86)\ossec-agent\authd.pass" has been patched to prevent unauthorized access to the password file.