Description
DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Published: 2026-07-08
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is a stack-based buffer overflow that occurs in the DBS Etherwatch file parser of Wireshark. This flaw can cause the application to crash, resulting in a denial of service. It is classified as CWE‑121, a classic stack corruption weakness. Attackers who can introduce a malicious ASN‑1 file or otherwise interact with the parser may trigger the overflow. The crash does not provide direct remote code execution but can be used to interrupt normal operations or disrupt services that rely on Wireshark for traffic analysis.

Affected Systems

Affected versions are Wireshark 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16. Products affected are Wireshark from Wireshark Foundation.

Risk and Exploitability

The CVSS score of 7.5 indicates a high impact with medium-to-high exploitation potential. EPSS data is not available, and the CVE is not listed in CISA’s KEV catalog, suggesting no publicly known exploits yet. The likely attack vector is inferred to be remote, by delivering a crafted DBS Etherwatch file to a system running Wireshark. If Wireshark is invoked by a user or system component that processes untrusted files, an attacker could trigger a denial of service that may impact the availability of network monitoring or analysis functions.

Generated by OpenCVE AI on July 9, 2026 at 09:10 UTC.

Remediation

Vendor Solution

Upgrade to version 4.6.7 or above


OpenCVE Recommended Actions

  • Upgrade Wireshark to version 4.6.7 or later to apply the buffer‑overflow fix.
  • If an upgrade is not immediately feasible, run Wireshark with restricted user permissions or in a sandboxed environment to limit the impact of a crash.
  • Configure the system to monitor for unexpected Wireshark termination and implement automated fail‑over or alerting to mitigate service disruption.

Generated by OpenCVE AI on July 9, 2026 at 09:10 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 09 Jul 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 09 Jul 2026 12:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-1286
References
Metrics threat_severity

None

threat_severity

Moderate


Wed, 08 Jul 2026 23:00:00 +0000

Type Values Removed Values Added
First Time appeared Wireshark
Wireshark wireshark
Vendors & Products Wireshark
Wireshark wireshark

Wed, 08 Jul 2026 21:15:00 +0000

Type Values Removed Values Added
Description DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
Title Stack-based Buffer Overflow in Wireshark
Weaknesses CWE-121
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


Subscriptions

Wireshark Wireshark
cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published:

Updated: 2026-07-09T13:45:58.260Z

Reserved: 2026-07-08T20:45:33.866Z

Link: CVE-2026-15167

cve-icon Vulnrichment

Updated: 2026-07-09T13:45:55.164Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-07-08T20:51:00Z

Links: CVE-2026-15167 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-07-09T09:15:05Z

Weaknesses
  • CWE-121

    Stack-based Buffer Overflow

  • CWE-1286

    Improper Validation of Syntactic Correctness of Input