CVE-2025-30201

7.7 HIGH
Published: November 21, 2025 Modified: December 02, 2025
View on NVD

Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leading NTLM relay attacks that would result privilege escalation and remote code execution. This issue has been patched in version 4.13.0.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://github.com/wazuh/wazuh/commit/688972da589e5d40d2a81bcd738240303a3dc45a
Source: security-advisories@github.com
Patch
https://github.com/wazuh/wazuh/pull/30060
Source: security-advisories@github.com
Issue Tracking
https://github.com/wazuh/wazuh/security/advisories/GHSA-x697-jf34-gp5x
Source: security-advisories@github.com
Exploit Vendor Advisory

3 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.7 / 10.0
EPSS (Exploit Probability)
0.2%
42th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-73 CWE-294

Affected Vendors

wazuh

Related CVEs

CVE-2025-52691 10.0
CVE-2025-15168 7.3
CVE-2025-15167 7.3
CVE-2025-15166 7.3
CVE-2025-15165 7.3