NTLM Authentication Vulnerability in Wazuh Agent Affects Security Measures
CVE-2025-30201

7.7 HIGH

Key Information:

Vendor: Wazuh

Status
Vendor
CVE Published: 21 November 2025

What is CVE-2025-30201?

A serious vulnerability in Wazuh Agent versions prior to 4.13.0 enables authenticated attackers to exploit NTLM authentication through specially crafted UNC paths. The paths can be supplied through various agent configuration settings, permitting NTLM relay attacks that can potentially culminate in privilege escalation or remote code execution. Users are strongly advised to upgrade to the latest version to mitigate this risk.
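A defender-side check for the condition described above, as an added example that is not Wazuh's code or part of the original advisory: it walks an agent `ossec.conf` and reports every value that is a UNC path, so remote hosts referenced from configuration can be reviewed. The page does not name the affected settings, so the sample config, its element choices and its hosts are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Matches \\host\..., //host/... and \\?\UNC\host\...; skips local device
# paths such as \\?\C:\ and \\.\pipe\ which do not reach a remote host.
UNC_RE = re.compile(
    r'^(?:\\\\|//)(?:[?.][\\/]UNC[\\/])?(?P<host>(?!\.[\\/])[^\\/?\s]+)[\\/]',
    re.IGNORECASE)

def find_unc_values(conf_text):
    """Return (element_path, value, host) for every UNC path in the config."""
    # ossec.conf may hold several <ossec_config> blocks, so wrap them in one root.
    root = ET.fromstring("<wrapper>" + conf_text + "</wrapper>")
    hits = []

    def walk(elem, path):
        here = path + "/" + elem.tag
        # Check element text and attribute values; values may be comma-separated.
        for raw in [elem.text or ""] + list(elem.attrib.values()):
            for value in raw.split(","):
                m = UNC_RE.match(value.strip())
                if m:
                    hits.append((here, value.strip(), m.group("host")))
        for child in elem:
            walk(child, here)

    for block in root:
        walk(block, "")
    return hits

# Constructed sample config (not taken from the advisory); hosts are placeholders.
SAMPLE = r"""
<ossec_config>
  <localfile>
    <log_format>syslog</log_format>
    <location>\\198.51.100.7\share\app.log</location>
  </localfile>
  <syscheck>
    <directories check_all="yes">C:\Windows\System32, //files.example.test/drop/</directories>
    <directories>\\?\C:\Data</directories>
  </syscheck>
</ossec_config>
<ossec_config>
  <wodle name="command">
    <command>\\?\UNC\relay.example.test\tools\run.exe</command>
  </wodle>
</ossec_config>
"""

if __name__ == "__main__":
    for path, value, host in find_unc_values(SAMPLE):
        print(f"{path}: {value} (remote host: {host})")
```

Any hit is a candidate for review rather than proof of abuse; compare the reported hosts against the file servers the agent is expected to reach.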

Affected Version(s)

wazuh < 4.13.0

CVSS V3.1

Score: 7.7
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: High
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
