CVE-2025-62792

CVSS v3.1

7.5

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.12.0

Description Wazuh, a free and open source platform for threat prevention, detection, and response, contains a flaw where a buffer over-read can occur in the

w expression match()

function. This happens when

strlen()

is called on

str test

because the corresponding buffer is not properly NULL terminated during allocation in

OS CleanMSG()

. A compromised agent can trigger a read operation beyond the allocated buffer's boundaries, potentially exposing sensitive information, by sending a specially crafted message to the Wazuh manager. An attacker who can craft and send an agent message to the Wazuh manager can exploit this issue.

Recommendations Update to Wazuh version 4.12.0 or later.

Exploit

Fix

Buffer Over-read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-170CWE-126

Related Identifiers

BDU:2025-14490

CVE-2025-62792

GHSA-2672-VFHM-XHR6

Affected Products

Wazuh

CVE-2025-62792

Weakness Enumeration

Related Identifiers

Affected Products

References · 9