Volerion logoVolerion
Volerion logoVolerion

Wazuh Authd Heap-Buffer Overflow Vulnerability Leading to Memory Corruption and Denial-of-Service

Vulnerability

A heap-buffer overflow vulnerability has been identified in the Wazuh authentication daemon (authd) versions 3.5.0 prior to 4.3.10. This vulnerability allows attackers to cause memory corruption and create malformed heap data by sending specially crafted input. Exploitation of this vulnerability can trigger a denial-of-service condition, causing low availability impact to the authentication daemon.

Impact

Exploitation of this vulnerability leads to memory corruption, affecting the Wazuh authentication daemon and causing a denial-of-service condition.

Reproduction

The vulnerability can be reproduced by building Wazuh with AddressSanitizer enabled, which will detect memory corruption issues such as heap-buffer overflows. After compiling Wazuh with the appropriate flags, the authentication daemon can be fuzzed with a crafted input that exploits the heap-buffer overflow vulnerability. This can be done by using a simple fuzzing tool that sends the malformed input to the authentication daemon, simulating an attack scenario.

Added: Mar 27, 2026, 4:30 PM
Updated: Mar 27, 2026, 4:30 PM

Vulnerability Rating

Custom Algorithm
spread
6.2
impact
0.6
exploitability
9.5
remediation
0.0
relevance
4.8
threat
6.4
urgency
2.9
incentive
8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.