CVE-2025-62791

CVSS v3.1

7.5

High

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.11.0

Description Wazuh is a platform for threat prevention, detection, and response. A flaw exists in the DecodeCiscat() implementation where the return value of cJSON GetObjectItem() is not checked for a possible NULL value when an error occurs. A compromised agent can exploit this to cause a crash of the analysisd component by sending a specially crafted message to the Wazuh manager. An attacker with the ability to craft and send an agent message to the Wazuh manager can cause analysisd to crash, making it unavailable.

Recommendations Update to version 4.11.0 or later.

Fix

DoS

Unchecked Return Value

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-252CWE-476

Related Identifiers

BDU:2025-14489

CVE-2025-62791

GHSA-GCWF-6P6M-GVM7

Affected Products

Wazuh

CVE-2025-62791

Weakness Enumeration

Related Identifiers

Affected Products

References · 9