CVE-2025-1492

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 20, 2025
CWE ID 674

Summary

CVE-2025-1492 is a denial-of-service vulnerability affecting Wireshark versions 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10. The issue lies in the Bundle Protocol and CBOR dissector. A maliciously crafted packet or capture file can crash Wireshark, resulting in a denial of service. The crash can be triggered via packet injection or a specially crafted capture file. Wireshark users are advised to update to the latest versions to mitigate this risk.

Affected Products

  • Wireshark

Affected Vendors

  • Wireshark Foundation