CVE-2023-7340

low-risk

Published 2026-03-27

Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulnerability to trigger a denial of service condition, resulting in low availability impact to the authentication daemon.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.5/10 Low

NETWORK / LOW complexity

Affected Products (2)

Wazuh

Affected Vendors

Wazuh

References (2)

Exploit https://github.com/wazuh/wazuh/security/advisories/GHSA-grjq-p5fg-m24r

Third Party Advisory https://www.vulncheck.com/advisories/heap-buffer-overflow-in-wazuh-authd

/ 100

low-risk

Severity 16/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 7/34 · Low