Vulnerabilities

CVE-2025-54866

by Fred · 21/11/2025

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on “C:Program Files (x86)ossec-agentauthd.pass” exposes the password to all “Authenticated Users” on the local machine. This issue has been patched in version 4.13.0.

More information : https://github.com/wazuh/wazuh/commit/606f19e688944ebe5d28d72eb81ac36f8fffb143

Similar

Tags: Cybersecurity Alert