Vulnerability cyber

Wireshark Foundation

Jun 6, 2025 1 min read
Wireshark Foundation

A critical vulnerability (CVE-2025-5601) in Wireshark allows attackers to trigger denial-of-service (DoS) attacks through packet injection or malformed capture files. The flaw, designated as wnpa-sec-2025-02, affects millions of users and has a high severity rating with a CVSS score of 7.8. The vulnerability causes the Wireshark application to crash, disrupting network analysis and monitoring operations. Organizations are advised to upgrade to Wireshark version 4.4.7 or 4.2.12 and implement additional security measures.

Source: https://cybersecuritynews.com/wireshark-vulnerability-enables-dos-attack/

TPRM report: https://scoringcyber.rankiteo.com/company/wireshark-foundation

"id": "wir744060625",
"linkid": "wireshark-foundation",
"type": "Vulnerability",
"date": "6/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Software',
                        'name': 'Wireshark Foundation',
                        'type': 'Organization'}],
 'attack_vector': ['Packet Injection', 'Malformed Capture Files'],
 'date_publicly_disclosed': '2025-06-04',
 'description': 'A critical vulnerability in Wireshark allows attackers to '
                'trigger denial-of-service (DoS) attacks through packet '
                'injection or malformed capture files.',
 'impact': {'operational_impact': 'Disruption of network analysis and '
                                  'monitoring operations',
            'systems_affected': 'Wireshark application'},
 'lessons_learned': 'Prioritize immediate patching and review network '
                    'monitoring security protocols to prevent potential '
                    'exploitation of vulnerabilities.',
 'motivation': 'Disruption of network monitoring capabilities',
 'post_incident_analysis': {'corrective_actions': 'Upgrade to Wireshark '
                                                  'version 4.4.7 or 4.2.12',
                            'root_causes': 'Bug in Wireshark’s column utility '
                                           'module'},
 'recommendations': ['Verify sources of capture files',
                     'Limit network packet capture operations to trusted '
                     'sources',
                     'Implement network segmentation'],
 'references': [{'date_accessed': '2025-06-04',
                 'source': 'Wireshark Foundation Security Advisory'}],
 'response': {'network_segmentation': 'Implemented',
              'remediation_measures': ['Upgrade to Wireshark version 4.4.7 or '
                                       '4.2.12',
                                       'Verify sources of capture files',
                                       'Limit network packet capture '
                                       'operations to trusted sources',
                                       'Implement network segmentation']},
 'title': 'Wireshark Vulnerability Triggers DoS Attack',
 'type': 'Vulnerability Exploitation',
 'vulnerability_exploited': 'CVE-2025-5601'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

HPE

public 1 min read
Multiple severe security vulnerabilities in HPE Insight Remote Support (IRS) platform that could allow attackers to execute remote code, traverse…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.