vuln disclosure
Wazuh Analysis Engine Heap Buffer Overflow and Command Injection Vulnerabilities DisclosedCVE-2024-32038
Neodyme researchers discovered two critical vulnerabilities in the Wazuh security platform: CVE-2024-32038, a heap buffer overflow in the Windows event decoder allowing unauthenticated remote code execution on the Wazuh server, and CVE-2023-50260, a command injection enabling privilege escalation and lateral movement. These flaws can be chained to achieve full network compromise from initial access, turning the defensive tool into an attack vector.