IT security platform: Attackers can compromise Wazuh
In the current Wazuh version, developers have closed several vulnerabilities. Malware can get onto systems.
The Extended Detection and Response (XDR) and Security Information and Event Management (SIEM) platform Wazuh is vulnerable. Attackers can exploit the open-source application through a total of five security vulnerabilities.
Malware attacks possible
As indicated in the security section of Wazuh's GitHub website, one vulnerability (CVE-2026-30893) is classified as “critical.” In the course of a path traversal attack, attackers can gain unauthorized access to protected paths.
Subsequently, according to the developers, it is possible for attackers to manipulate Python modules, which then load various Wazuh components. This can lead to the execution of malware. Systems are then considered compromised.
The remaining vulnerabilities are classified as “medium.” These can cause crashes, among other things (including CVE-2026-41499). The developers state that they have resolved the security issues in version 4.14.4. So far, there are no reports of attackers already targeting instances.
(des)