CVE-2025-62789

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-62789

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62789.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-62789

Aliases

GHSA-8rvq-mm2f-8q22

Published

2025-10-29T16:44:30.540Z

Modified

2025-12-05T10:21:46.579381Z

Severity

6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

Wazuh vulnerable to NULL pointer dereference in fim_alert line 712

Details

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert() implementation does not check whether the return value of ctimer is NULL or not before calling strdup() on it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh manager. An attacker who is able to craft and send an agent message to the wazuh manager can cause analysisd to crash and make it unavailable. This vulnerability is fixed in 4.11.0.

Database specific

{
    "cwe_ids": [
        "CWE-252",
        "CWE-476"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/62xxx/CVE-2025-62789.json"
}

References

Affected packages

Git / github.com/wazuh/wazuh

Affected ranges

Type: GIT
Repo: https://github.com/wazuh/wazuh
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b3de9acf06147d614f053e87f959a75a0a132e86

Affected versions

v1.*

v1.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.1

v1.1.1

v2.*

v2.0

v2.0.1

v2.1.0

v2.1.1

v3.*

v3.0.0

v3.1.0

v3.10.0

v3.10.1

v3.10.2

v3.11.0

v3.11.1

v3.11.2

v3.11.3

v3.11.4

v3.12.0

v3.12.1

v3.12.2

v3.12.3

v3.13.0

v3.13.1

v3.13.2

v3.13.3

v3.13.4

v3.13.5

v3.13.6

v3.2.0

v3.2.1

v3.2.2

v3.2.3

v3.2.4

v3.3.0

v3.3.1

v3.4.0

v3.5.0

v3.6.0

v3.6.1

v3.7.0

v3.7.1

v3.7.2

v3.8.0

v3.8.1

v3.8.2

v3.9.0

v3.9.1

v3.9.2

v3.9.3

v3.9.4

v3.9.5

v4.*

v4.0.0

v4.0.1

v4.0.2

v4.0.3

v4.0.4

v4.1.0

v4.1.1

v4.1.2

v4.1.3

v4.1.4

v4.1.5

v4.10.0

v4.10.1

v4.2.0

v4.2.1

v4.2.2

v4.2.3

v4.2.4

v4.2.5

v4.2.6

v4.2.7

v4.3.0

v4.3.1

v4.3.10

v4.3.2

v4.3.3

v4.3.4

v4.3.5

v4.3.6

v4.3.7

v4.3.8

v4.3.9

v4.4.0

v4.4.1

v4.4.2

v4.4.3

v4.4.4

v4.4.5

v4.5.0

v4.5.1

v4.5.2

v4.5.3

v4.5.4

v4.6.0

v4.7.0

v4.7.1

v4.7.2

v4.7.3

v4.7.4

v4.7.5

v4.8.1

v4.8.2

v4.9.0

v4.9.1

v4.9.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-62789.json"