VYPR
Unrated severityNVD Advisory· Published Oct 29, 2025· Updated Oct 29, 2025

Wazuh vulnerable to Heap-based Buffer Over-read in w_expression_match

CVE-2025-62792

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.12.0, a buffer over-read occurs in w_expression_match() when strlen() is called on str_test, because the corresponding buffer is not being properly NULL terminated during its allocation in OS_CleanMSG(). A compromised agent can cause a READ operation beyond the end of the allocated buffer (which may contain sensitive information) by sending a specially crafted message to the wazuh manager. An attacker who is able to craft and send an agent message to the wazuh manager can cause a buffer over-read and potentially access sensitive data. This vulnerability is fixed in 4.12.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wazuh/Wazuhllm-fuzzy2 versions
    <4.12.0+ 1 more
    • (no CPE)range: <4.12.0
    • (no CPE)range: < 4.12.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.