CVE-2026-25769
🔴 Łataj teraz
Deserializacja niezaufanych danych w Wazuh umożliwia zdalne wykonanie kodu na węźle głównym z uprawnieniami roota.
CVSS
9.1
EPSS
0.2%
Exploit
poc
Vendor
wazuh
Opis źródłowy (NVD)
Wazuh is a free and open source platform used for threat prevention, detection, and response. Versions 4.0.0 through 4.14.2 have a Remote Code Execution (RCE) vulnerability due to Deserialization of Untrusted Data). All Wazuh deployments using cluster mode (master/worker architecture) and any organization with a compromised worker node (e.g., through initial access, insider threat, or supply chain attack) are impacted. An attacker who gains access to a worker node (through any means) can achieve full RCE on the master node with root privileges. Version 4.14.3 fixes the issue.
deserialization exploit rce
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 9.1 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.2% |
| Opublikowano (NVD) | 2026-03-17 18:16:15 UTC |
| Ostatnia modyfikacja (NVD) | 2026-03-19 17:18:30 UTC |
Referencje
- https://drive.google.com/drive/folders/1WlkKNmHexz8212OVED9O6M_3pI8b6qNI?usp=sharing (security-advisories@github.com) [Broken Link]
- https://github.com/wazuh/wazuh/security/advisories/GHSA-3gm7-962f-fxw5 (security-advisories@github.com) [Exploit, Vendor Advisory]