anonhaven
Ad

CVE-2025-1492

HIGH CVSS 3.1: 7.5 EPSS 0.05%
Updated Apr 10, 2025
Wireshark
Parameter Value
CVSS 7.5 (HIGH)
Affected Versions 4.2.0 — 4.4.3
Type CWE-674
Vendor Wireshark
Public PoC No

Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-674

Vulnerable Products 2

Configuration From (including) Up to (excluding)
Wireshark Wireshark
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
 4.2.0 <= 4.2.10
Wireshark Wireshark
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
 4.4.0 <= 4.4.3

References 2

https://gitlab.com/wireshark/wireshark/-/issues/20373
cve@gitlab.com
https://www.wireshark.org/security/wnpa-sec-2025-01.html
cve@gitlab.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-3203

Wireshark

7.5

CVE-2026-3202

Wireshark

7.5

CVE-2026-3201

Wireshark

7.5

CVE-2025-13499

Wireshark

7.8

CVE-2006-5595

Wireshark

None