VYPR
Unrated severityNVD Advisory· Published Apr 19, 2024· Updated Aug 2, 2024

Wazuh Analysis Engine Event Decoder Heap-based Buffer Overflow Remote Code Execution Vulnerability

CVE-2024-32038

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and above. This vulnerability is fixed in Wazuh Manager 4.7.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wazuh/Wazuhllm-fuzzy2 versions
    >=3.8.0 <=4.7.1+ 1 more
    • (no CPE)range: >=3.8.0 <=4.7.1
    • (no CPE)range: >= 3.8.0, < 4.7.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.