CNNVD-202510-3983 Information

CNNVD ID

CNNVD-202510-3983

Related CVE

CVE-2025-62786

• CNNVD Published: 2025-10-29

Description (Chinese)

Wazuh是Wazuh开源的一个应用软件。用于收集，汇总，索引和分析安全数据，帮助组织检测入侵，威胁和行为异常。 Wazuh存在安全漏洞，该漏洞源于decode_win_permissions中存在基于堆的越界写入，可能导致远程代码执行。

Description (English)

Wazuh is an application from the Wazuh Open Source. For collection, aggregation, indexing and analysis of security data to help the organization detect invasions, threats and behavioural anomalies. Wazuh had a security loophole, which stemmed from the presence of stack-based cross-border writing in decode win permissions, which could lead to remote code implementation.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Wazuh

Published

2025-10-29

Last Modified

2026-02-24

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-2c8r-p6r5-xxmr https://github.com/wazuh/wazuh/commit/2257d7998aaff34263169d16f4afc491564a771c https://access.redhat.com/security/cve/cve-2025-62786

Patch

https://wazuh.com/