Vulnerability in Wazuh Analysisd Crashes Service Due to Improper NULL Check
CVE-2025-62785

6.9MEDIUM

Key Information:

Vendor: Wazuh
Status: Wazuh
Vendor: CVE Published:; 29 October 2025

What is CVE-2025-62785?

The vulnerability affects the Wazuh platform, a widely used open-source tool for threat prevention, detection, and response. In the fillData() function, a failure to properly validate input can lead to a crash of the analysisd component when it processes a maliciously crafted agent message. This oversight allows an attacker with access to send such messages, potentially disrupting service and making the analysisd unavailable. The issue has been addressed in version 4.10.2, which ensures that the input is thoroughly validated before processing.

Affected Version(s)

wazuh < 4.10.2

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-m...

x_refsource_CONFIRM

https://github.com/wazuh/wazuh/commit/17f8dc23a6211cbb398...

x_refsource_MISC

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2025
Vulnerability Reserved
Oct 22, 2025

JSON