CVE-2025-24016 | Wazuh up to 4.9.0 common.py as_wazuh_object deserialization

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Wazuh up to 4.9.0. This issue affects the function as_wazuh_object of the file framework/wazuh/core/cluster/common.py. The manipulation leads to deserialization.

The identification of this vulnerability is CVE-2025-24016. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24016 | Wazuh up to 4.9.0 common.py as_wazuh_object deserialization

Post correlati

CVE-2024-9150 | Wyn Enterprise prior 8.0.00204.0 Report Generation special elements used in a template engine

CVE-2023-52916 | Linux Kernel up to 6.5 denial of service (c281355068bc)

CVE-2024-43705 | Imagination Technologies Graphics DDK up to 24.2 RTM2 GPU Kernel Driver insufficient permissions or privileges

CVE-2024-53561 | Arcadyan Meteor 2 CPE FG360 Firmware ETV2.10 Request Privilege Escalation