Zero Day MonitorZDM

← Back to list

7.5

CVE-2023-7340EXPLOITED

wazuh · wazuh

Wazuh authd service (os_auth) Heap-based Buffer Overflow

Description

Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the authentication daemon.

Affected Products

Vendor	Product	Versions
wazuh	wazuh	3.5.0, 4.3.10

References

https://github.com/wazuh/wazuh/security/advisories/GHSA-grjq-p5fg-m24r(vendor-advisory)
https://www.vulncheck.com/advisories/heap-buffer-overflow-in-wazuh-authd(third-party-advisory)

Related News (2 articles)

Tier B

BSI Advisories4h ago

[NEU] [mittel] Wazuh: Mehrere Schwachstellen

→ No new info (linked only)

Tier C

VulDB2d ago

CVE-2023-7340 | Wazuh 3.5.0/4.3.10 authd out-of-bounds

→ No new info (linked only)

CVSS 3.17.5 NONE

CISA KEV❌ No

Actively exploited✅ Yes

CWECWE-125

Published3/27/2026

Last enriched2d agov2

Tags

denial-of-servicecode-executiondata-manipulationinformation-disclosure

Trending Score68

Source articles2

Independent2

Info Completeness8/14

Missing: epss, kev, exploit, patch, iocs, mitre_attack

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

CRITICALCVE-2025-15615EXP

Wazuh Manager authd service Improper SSL/TLS Renegotiation Handling leading to Denial of Service

CRITICALCVE-2025-15616EXP

Wazuh Agent and Manager OS Command Injection and Untrusted Search Path

CRITICALCVE-2025-15612

Wazuh Provisioning Scripts / Build Infrastructure Improper Certificate Validation leading to MITM and RCE

LOWCVE-2026-32984EXP

Heap buffer overflow in wazuh-authd

Multiple vulnerabilities in Wazuh

Pin to Dashboard

Verification

State: unverified

Confidence: 0%

Vulnerability Timeline

CVE Published

Mar 27, 2026

Discovered by ZDM

Mar 27, 2026

Updated: description, severity, cvssEstimate, activelyExploited

Mar 27, 2026

Actively Exploited

Mar 27, 2026

Version History

v2

Last enriched 2d ago

v2Tier C2d ago

Updated description with more technical detail, changed severity to HIGH, set CVSS estimate to 7.5, and marked as actively exploited.

descriptionseveritycvssEstimateactivelyExploited

via VulDB

v12d ago

Initial creation