Buffer Overflow Vulnerability in Wazuh Threat Detection Platform
CVE-2025-62789
6.9 MEDIUM
What is CVE-2025-62789?
Wazuh, an open-source platform used for threat detection and response, has a vulnerability in its fim_alert() function prior to version 4.11.0. The flaw arises because the return value of ctime_r() is not checked for NULL before it is passed to strdup(). An attacker can exploit this weakness by sending a specially constructed message to the Wazuh manager, potentially crashing the analysis daemon (analysisd) and resulting in system unavailability. The issue has been addressed in version 4.11.0.
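The defensive pattern for this bug class, as an added example that is not Wazuh's code or its 4.11.0 patch: ctime_r() returns NULL when it cannot convert the time value, so the result is checked before strdup() sees it. The helper names parse_epoch_field and safe_ctime_dup, the placeholder string and the sample fields are hypothetical and constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L   /* ctime_r, strdup */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>

/* Unchecked pattern the advisory describes (kept as a comment only):
 *     char *s = strdup(ctime_r(&t, buf));   strdup(NULL) if ctime_r fails
 */

/* Hypothetical helper: parse an epoch-seconds field taken from an untrusted
 * message. Returns 0 on success, -1 on malformed or out-of-range input. */
int parse_epoch_field(const char *field, time_t *out)
{
    char *end = NULL;
    long long v;
    if (field == NULL || *field == '\0') return -1;
    errno = 0;
    v = strtoll(field, &end, 10);
    if (errno == ERANGE || *end != '\0') return -1;
    if ((long long)(time_t)v != v) return -1;   /* does not fit time_t */
    *out = (time_t)v;
    return 0;
}

/* Hypothetical helper: heap copy of the ctime_r text for t, or a fixed
 * placeholder when ctime_r cannot represent the value. Returns NULL only
 * on allocation failure; the caller frees the result. */
char *safe_ctime_dup(time_t t)
{
    char buf[64];                      /* ctime_r needs at least 26 bytes */
    char *s = ctime_r(&t, buf);
    if (s == NULL) return strdup("(invalid time)");
    s[strcspn(s, "\n")] = '\0';        /* drop the trailing newline */
    return strdup(s);
}

int main(void)
{
    /* Constructed sample fields: valid, valid, unconvertible, malformed. */
    const char *samples[] = { "0", "1700000000", "9223372036854775807", "12x" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++) {
        time_t t;
        char *s = parse_epoch_field(samples[i], &t) == 0 ? safe_ctime_dup(t) : NULL;
        printf("%-20s -> %s\n", samples[i], s ? s : "(rejected field)");
        free(s);
    }
    return 0;
}
```

With a 64-bit time_t, the third sample parses as a number but is too large for ctime_r() to convert, which is the case the NULL check covers.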
Affected Version(s)
wazuh < 4.11.0
