Buffer Overflow Vulnerability in Wazuh Manager Affecting Security Operations
CVE-2024-32038

9.8CRITICAL

Key Information:

Vendor: Wazuh
Status: Wazuh
Vendor: CVE Published:; 19 April 2024

What is CVE-2024-32038?

A buffer overflow vulnerability exists within the Wazuh Manager, specifically in the wazuh-analysisd component, which processes Unicode characters in Windows Eventchannel messages. This flaw affects all versions starting from 3.8.0 and may lead to unauthorized access or arbitrary code execution if exploited. Organizations utilizing these versions are advised to upgrade to Wazuh Manager 4.7.2 or later, where this vulnerability has been addressed.

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-f...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 19, 2024

JSON