Overview
CVE-2025-13674 is a medium-severity vulnerability affecting Wireshark version 4.6.0. It resides in the BPv7 (Bundle Protocol version 7) dissector: a specially crafted packet can cause Wireshark to crash, leading to a denial-of-service (DoS) condition. An attacker could disrupt network analysis by repeatedly sending malicious packets to a Wireshark instance, preventing it from functioning correctly.
Technical Details
The vulnerability exists within the BPv7 dissector’s parsing logic. An improperly formatted or malicious BPv7 packet can trigger an unhandled exception or memory access violation within the dissector, causing Wireshark to terminate unexpectedly. The specific details of the flaw are outlined in the Wireshark issue tracker and security advisory referenced below.
CVSS Analysis
The Common Vulnerability Scoring System (CVSS) assigns CVE-2025-13674 a score of 5.5, indicating a MEDIUM severity. This score reflects the following factors:
- Attack Vector: Network (AV:N) – The vulnerability can be exploited over a network.
- Attack Complexity: Low (AC:L) – Exploitation is relatively easy.
- Privileges Required: None (PR:N) – No privileges are required to exploit the vulnerability.
- User Interaction: None (UI:N) – No user interaction is required to trigger the vulnerability.
- Scope: Unchanged (S:U) – The vulnerability only affects the Wireshark process.
- Confidentiality Impact: None (C:N) – There is no impact on confidentiality.
- Integrity Impact: None (I:N) – There is no impact on data integrity.
- Availability Impact: High (A:H) – The vulnerability leads to a denial of service.
Possible Impact
The primary impact of CVE-2025-13674 is a denial-of-service (DoS). An attacker can repeatedly send malicious BPv7 packets to a Wireshark instance, causing it to crash. This can disrupt network analysis, making it difficult for administrators and security professionals to diagnose and troubleshoot network issues. While the vulnerability doesn’t directly compromise data confidentiality or integrity, it can still be a significant inconvenience and potentially mask other malicious activities.
Mitigation or Patch Steps
The recommended mitigation is to upgrade to a patched version of Wireshark. This vulnerability is resolved in Wireshark versions after 4.6.0.
- Upgrade Wireshark: Download and install the latest version of Wireshark from the official website.
- Monitor Network Traffic: While not a direct mitigation, monitoring network traffic for suspicious BPv7 packets can help detect potential exploitation attempts.
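To confirm which hosts still need the upgrade, the version banner printed by `tshark --version` or `wireshark --version` can be compared against 4.6.0. The script below is an added example, not part of the original advisory or of Wireshark's own tooling; its function names and sample banners are constructed, and it assumes, per the text above, that 4.6.0 is affected and later versions are fixed.

```shell
#!/bin/sh
# Added example: classify Wireshark/TShark version banners against CVE-2025-13674.
# Assumption taken from the advisory text: 4.6.0 is affected, later versions are fixed.
AFFECTED="4.6.0"

# Print the first x.y.z version number found in a banner line, or nothing.
extract_version() {
    printf '%s\n' "$1" |
        sed -n 's/^[^0-9]*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Compare two x.y.z versions numerically; print -1, 0 or 1.
version_cmp() {
    for field in 1 2 3; do
        a=$(printf '%s' "$1" | cut -d. -f"$field")
        b=$(printf '%s' "$2" | cut -d. -f"$field")
        if [ "$a" -lt "$b" ]; then echo -1; return 0; fi
        if [ "$a" -gt "$b" ]; then echo 1; return 0; fi
    done
    echo 0
}

# Map a banner line to AFFECTED, FIXED, NOT_LISTED (older than 4.6.0) or UNKNOWN.
classify_banner() {
    ver=$(extract_version "$1")
    if [ -z "$ver" ]; then echo UNKNOWN; return 0; fi
    case $(version_cmp "$ver" "$AFFECTED") in
        0) echo AFFECTED ;;
        1) echo FIXED ;;
        *) echo NOT_LISTED ;;
    esac
}

# Check the Wireshark tools installed on this host, if any.
audit_local() {
    for tool in tshark wireshark; do
        command -v "$tool" >/dev/null 2>&1 || continue
        banner=$("$tool" --version 2>/dev/null | head -n 1)
        printf '%s: %s (%s)\n' "$tool" "$(classify_banner "$banner")" "$banner"
    done
}

# Constructed sample banners (not captured from real hosts).
for sample in "TShark (Wireshark) 4.6.0." "Wireshark 4.6.1." \
              "TShark (Wireshark) 4.4.9." "no version here"; do
    printf '%-28s -> %s\n' "$sample" "$(classify_banner "$sample")"
done
audit_local
```

NOT_LISTED marks releases older than 4.6.0, which the advisory text does not name as affected or fixed; check those against the Wireshark security advisory in the references.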
References
- CVE ID: CVE-2025-13674
- Wireshark Issue: https://gitlab.com/wireshark/wireshark/-/issues/20770
- Wireshark Security Advisory: https://www.wireshark.org/security/wnpa-sec-2025-05.html
