CVE-2025-54866 in Wazuhinfo

Zusammenfassung

von MITRE • 21.11.2025

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C:\Program Files (x86)\ossec-agent\authd.pass" exposes the password to all "Authenticated Users" on the local machine. This issue has been patched in version 4.13.0.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

GitHub M

Reservieren

31.07.2025

Veröffentlichung

21.11.2025

Moderieren

akzeptiert

Eintrag

VDB-333268

CPE

bereit

CWE

CWE-276 (bestätigt)

CVSS

5.5 (NVD)

EPSS

0.00020

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-54866
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-54866
CVE Details	https://www.cvedetails.com/cve/CVE-2025-54866/

◂ Zurück Übersicht Weiter ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!