CVE-2025-30201

Sažetak

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leading NTLM relay attacks that would result privilege escalation and remote code execution. This issue has been patched in version 4.13.0.

Reference

https://github.com/wazuh/wazuh/commit/688972da589e5d40d2a81bcd738240303a3dc45a
https://github.com/wazuh/wazuh/pull/30060
https://github.com/wazuh/wazuh/security/advisories/GHSA-x697-jf34-gp5x

CVSS

Base:	7.7
Impact:	5.8
Exploitability:	1.3

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

Zadnje važnije ažuriranje

02-12-2025 - 16:45

Objavljeno

21-11-2025 - 19:15