Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Posted on By CWS

Wireshark 4.6.2, the most recent model of the main open-source community protocol analyzer, addresses important crash vulnerabilities and plugin compatibility points. This upkeep launch prioritizes stability for customers in troubleshooting and safety evaluation.​

Builders patched two denial-of-service vulnerabilities recognized in latest dissectors. The HTTP3 dissector crash (CVE-2025-13945) happens throughout decryption of site visitors by way of keylog recordsdata or seize recordsdata with secrets and techniques, probably triggered by malformed packets.

Equally, the MEGACO dissector infinite loop (CVE-2025-13946) could cause extreme CPU utilization beneath malformed enter. Each have an effect on variations 4.6.0-4.6.1 and 4.4.0-4.4.11, with CVSS v3.1 base scores of 5.5 (Medium).​

CVE IDDescriptionAffected VersionsCVSS v3.1ReferencesCVE-2025-13945HTTP3 dissector crash on decryption4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-07​CVE-2025-13946MEGACO dissector infinite loop4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-08​

No exploits are recognized, however attackers may induce crashes remotely.​

The replace corrects an API/ABI change from 4.6.1, breaking plugins from 4.6.0. Further fixes cowl Omnipeek file assist, stack buffer overflow in BER dealing with, fuzz-induced crashes, and a base32 perform naming error. Home windows installers now embrace Visible C++ Redistributable 14.44.35112 for higher compatibility.

Up to date dissectors enhance parsing for ATM PW, COSEM, GTP, HTTP3, IEEE 802.15.4, MEGACO, PTP, SMTP, and others. Peektagged seize recordsdata achieve native assist, aiding various community forensics duties. No new protocols added, specializing in reliability.​

Customers ought to improve promptly by way of the Wireshark Obtain web page and confirm plugin compatibility. The Wireshark Basis encourages contributions at wiresharkfoundation.org. This launch bolsters Wireshark’s position in protocol schooling and SharkFest occasions.​

Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

PhantomRaven Attack Involves 126 Malicious npm Packages with Over 86,000 Downloads Hiding Malicious Code PhantomRaven Attack Involves 126 Malicious npm Packages with Over 86,000 Downloads Hiding Malicious Code Cyber Security News
Chrome Security Update Patches Background Fetch API Vulnerability Chrome Security Update Patches Background Fetch API Vulnerability Cyber Security News
Top 10 Best VPN Services of 2026 Top 10 Best VPN Services of 2026 Cyber Security News
New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers New Malware Leverages Windows Character Map to Bypass Windows Defender and Mine Cryptocurrency for The Attackers Cyber Security News
K2 Think AI Model Jailbroken Within Hours After The Release K2 Think AI Model Jailbroken Within Hours After The Release Cyber Security News
2,000+ Devices Hacked Using Weaponized Social Security Statement Themes 2,000+ Devices Hacked Using Weaponized Social Security Statement Themes Cyber Security News