heise PlusAbo

Network analysis tool Wireshark: Numerous security vulnerabilities closed

In two current versions of Wireshark, the developers have closed several vulnerabilities.

listen Print view
A symbolic update bar is filling up.

(Image: AFANASEV IVAN/Shutterstock.com)

1 min. read
Security
By

If attacks on the network analysis tool Wireshark are successful, attackers can crash systems or even execute malicious code. Secure outputs are available for download.

DoS and Malicious Code Vulnerabilities

In the changelog for versions 4.4.15 and 4.6.5, the developers assure that the vulnerabilities have been closed. The majority of the vulnerabilities are classified with a threat level of “medium” (e.g., CVE-2026-6520). After successful attacks, attackers can trigger DoS states, for example, in the context of the OpenFlow v6 protocol, leading to crashes.

Videos by heise

In four cases (CVE-2026-5402 “high,” CVE-2026-5403 “high,” CVE-2026-5405 “high,” CVE-2026-5656 “high”), attackers can also inject malicious code and compromise systems. So far, no active attacks are known. However, admins should install the updates promptly.

(des)

Don't miss any news – follow us on Facebook, LinkedIn or Mastodon.

This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.

Beliebte Bestenlisten

Alle Angebote
Newsletter heise-Bot heise-Bot Push Nachrichten Push Push-Nachrichten