Impact
The vulnerability is a stack-based buffer overflow that occurs in the DBS Etherwatch file parser of Wireshark. This flaw can cause the application to crash, resulting in a denial of service. It is classified as CWE‑121, a classic stack corruption weakness. Attackers who can introduce a malicious ASN‑1 file or otherwise interact with the parser may trigger the overflow. The crash does not provide direct remote code execution but can be used to interrupt normal operations or disrupt services that rely on Wireshark for traffic analysis.
Affected Systems
Affected versions are Wireshark 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16. Products affected are Wireshark from Wireshark Foundation.
Risk and Exploitability
The CVSS score of 7.5 indicates a high impact with medium-to-high exploitation potential. EPSS data is not available, and the CVE is not listed in CISA’s KEV catalog, suggesting no publicly known exploits yet. The likely attack vector is inferred to be remote, by delivering a crafted DBS Etherwatch file to a system running Wireshark. If Wireshark is invoked by a user or system component that processes untrusted files, an attacker could trigger a denial of service that may impact the availability of network monitoring or analysis functions.
OpenCVE Enrichment