Buffer Over-Read Vulnerability in Wazuh Platform by Wazuh Inc.
CVE-2025-62792

6.9MEDIUM

Key Information:

Vendor: Wazuh
Status: Wazuh
Vendor: CVE Published:; 29 October 2025

What is CVE-2025-62792?

The Wazuh platform is susceptible to a buffer over-read vulnerability that occurs within the function w_expression_match(). This issue arises due to improper NULL termination of a buffer during its allocation in OS_CleanMSG(), leading to the potential for a compromised agent to exploit this flaw. By sending a specially crafted message to the Wazuh manager, an attacker may cause a READ operation beyond the end of the allocated buffer, thereby gaining unauthorized access to sensitive information. This vulnerability has been rectified in version 4.12.0.

Affected Version(s)

wazuh < 4.12.0

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-2...

x_refsource_CONFIRM

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 29, 2025
Vulnerability Reserved
Oct 22, 2025

JSON