CVE-2025-54866 LOW

CVE-2025-54866: Wazuh installation fails to protected authd.pass on Windows

Vendor Wazuh
Product wazuh
Weakness CWE-276
Published November 21, 2025
Last update November 21, 2025

CVSS base score

1.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:L

What the vulnerability does

01Description

Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.3.0 to before 4.13.0, a missing ACL on "C:\Program Files (x86)\ossec-agent\authd.pass" exposes the password to all "Authenticated Users" on the local machine. This issue has been patched in version 4.13.0.

Key dates

02Disclosure timeline

November 21, 2025 CVE published
November 21, 2025 Record updated