CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jul 1, 2025
High
CISA KEVCVE-2025-24016
Wazuh—Wazuh Server
Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.
Required Action
https://wazuh.com/blog/addressing-the-cve-2025-24016-vulnerability/ ; https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh ; https://nvd.nist.gov/vuln/detail/CVE-2025-24016
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- Jun 10, 2025
- KEV Added
- Jun 10, 2025
- Due Date
- Jul 1, 2025
- Related Articles
- 0
Vendor
Wazuh
Wazuh Server