wid-sec-w-2026-0771 · Published 2026-03-17 · View on BSI CERT-Bund ↗

Wazuh: Multiple Vulnerabilities allow

CVSS 9.1 CRITICAL

Risk Summary

Wazuh is a free and open source platform used for threat prevention, detection, and response. Prior to version 4.13.0, a vulnerability in Wazuh Agent allows authenticated attackers to force NTLM authentication through malicious UNC paths in various agent configuration settings, potentially leading NTLM relay attacks that would result privilege escalation and remote code execution. This issue has been patched in version 4.13.0.

CVEs (6)

CVE-2025-30201 CVE-2026-25769 CVE-2026-25770 CVE-2026-25771 CVE-2026-25772 CVE-2026-25790

Affected Vendors

Open Source

Affected Products (2)

Open Source · Wazuh <4.14.3

Open Source · Wazuh 4.14.3

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more