CVE-2025-64169

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-64169

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

EUVD-2025-198506

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-64169

CVE-2025-64169 — Wazuh NULL pointer dereference in fim_alert : The issue affects Wazuh 3.7.0 up to, but not including, 4.12.0, where fim_alert() may dereference oldsum->md5 without NULL-check, potentially causing analysisd to crash when a compromised agent sends a crafted message. The vulnerab...

CVE-2025-64169 Wazuh NULL pointer dereference in fim_alert line 666

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fimalert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

PT-2025-47795

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 3.7.0 to before 4.12.0, fim alert implementation does not check whether oldsum-md5 is NULL or not before dereferencing it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-62790

Wazuh before version 4.11.0 is vulnerable to a NULL pointer/NULL string dereference in fim_fetch_attributes_state(), where time_string is not checked for NULL before calling strlen(). A crafted agent message to the Wazuh manager can crash analysisd, causing denial of service and unavailability of...

CVE-2025-62790 Wazuh vulnerable to NULL pointer dereference in fim_fetch_attributes_state

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimfetchattributesstate implementation does not check whether timestring is NULL or not before calling strlen on it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-62789 Wazuh vulnerable to NULL pointer dereference in fim_alert line 712

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to 4.11.0, fimalert implementation does not check whether the return value of ctimer is NULL or not before calling strdup on it. A compromised agent can cause a crash of analysisd by sending a...

CVE-2025-62789

CVE-2025-62789 affects Wazuh before 4.11.0. The fim_alert() path does not check the return value of ctime_r before calling strdup(), enabling a NULL pointer dereference that can crash analysisd when a compromised/malicious agent sends a crafted message to the Wazuh manager. Impact is denial of se...

PT-2025-44324

Name of the Vulnerable Software and Affected Versions Wazuh versions prior to 4.11.0 Description Wazuh is a platform for threat prevention, detection, and response. A flaw exists in the fim fetch attributes state implementation where it does not verify if time string is NULL before applying strle...

Malicious code in @zalastax/nolb-fim (npm)

The package @zalastax/nolb-fim was found to contain malicious code...

MAL-2025-11451 Malicious code in @zalastax/nolb-fim (npm)

The package @zalastax/nolb-fim was found to contain malicious code...

Achieve Security Compliance with Wazuh File Integrity Monitoring

File Integrity Monitoring FIM is an IT security control that monitors and detects file changes in computer systems. It helps organizations audit important files and system configurations by routinely scanning and verifying their integrity. Most information security standards mandate the use of FI...

Qualys Enterprise TruRisk™ Platform Extends FIM with Real-Time Monitoring of Unauthorized Access to Sensitive Data and Configuration Change Detection on Network Devices

Introducing FIM 4.0 with File Access Monitoring FAM and Agentless FIM to ensure compliance with the new PCI 4.0 File Integrity Monitoring FIM solutions are essential for virtually any organization to help identify suspicious activities across critical system files and registries, diagnose changes...

Agentless FIM for Detecting Network Configuration Changes

Dealing with multiple network administrators making frequent configuration changes with a monitoring solution that provides insights into device change without causing resource constraints. The performance and capabilities of a network device are entirely dependent upon its configuration settings...

Qualys FIM Playbook for PCI 4.0

This File Integrity Monitoring FIM playbook is your comprehensive guide to establishing and maintaining an effective FIM program aligned with the latest PCI DSS 4.0 standards. By meticulously monitoring and ensuring the integrity of vital files and configurations, your organization can bolster it...

PCI DSS 4.0 FIM Requirements Simplified with Qualys File Integrity Monitoring

File Integrity Monitoring FIM is one of the essential requirements under PCI DSS 4.0. It helps organizations detect and respond to unauthorized changes in critical system files, configuration files, or content files, which is crucial for maintaining the security of cardholder data. Organizations...