CVE-2025-64169

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-64169

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64169.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-64169

Aliases

GHSA-hc35-h924-8596

Published

2025-11-21T18:39:02.463Z

Modified

2026-04-10T05:33:43.613626Z

Severity

5.1 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

Wazuh NULL pointer dereference in fim_alert line 666

Details

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim_alert() implementation does not check whether oldsum->md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh manager. This issue has been patched in version 4.12.0.

Database specific

{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-252",
        "CWE-476"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/64xxx/CVE-2025-64169.json"
}

References

Affected packages

Git / github.com/wazuh/wazuh

Affected ranges

Type: GIT
Repo: https://github.com/wazuh/wazuh
Events: Introduced

2b11ec185d9902e41a417d96e7a90c00b1546088

Fixed

802b10f727c59e4d0aa502279ea53c2c776328b6

Affected versions

v3.*

v3.12.0

v3.13.0

v3.13.1

v3.7.0

v3.8.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-64169.json"