Home

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim_alert() implementation does not check whether oldsum->md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a specially crafted message to the wazuh manager. This issue has been patched in version 4.12.0.

PUBLISHED Reserved 2025-10-28 | Published 2025-11-21 | Updated 2025-11-21 | Assigner GitHub_M




MEDIUM: 5.1CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Problem types

CWE-252: Unchecked Return Value

CWE-476: NULL Pointer Dereference

Product status

>= 3.7.0, < 4.12.0
affected

References

github.com/.../wazuh/security/advisories/GHSA-hc35-h924-8596

cve.org (CVE-2025-64169)

nvd.nist.gov (CVE-2025-64169)

Download JSON