216.73.216.133

CVE-2025-30201

· Published 21/11/2025 19:15 · Modified 02/12/2025 16:45

Labels: CVE-2025-30201 2025-11-21CVE-2025-30201CWE-73NVD-CWE-noinfo[email protected]

Essential information

Published
21/11/2025 19:15
Modified
02/12/2025 16:45
Author
Creator
CVSS
7.7 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

CVSS metrics

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leading NTLM relay attacks that would result privilege escalation and remote code execution. This issue has been patched in version 4.13.0.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wazuh / wazuh cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*

References