Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Posted on By CWS

Wireshark 4.6.2, the most recent model of the main open-source community protocol analyzer, addresses important crash vulnerabilities and plugin compatibility points. This upkeep launch prioritizes stability for customers in troubleshooting and safety evaluation.​

Builders patched two denial-of-service vulnerabilities recognized in latest dissectors. The HTTP3 dissector crash (CVE-2025-13945) happens throughout decryption of site visitors by way of keylog recordsdata or seize recordsdata with secrets and techniques, probably triggered by malformed packets.

Equally, the MEGACO dissector infinite loop (CVE-2025-13946) could cause extreme CPU utilization beneath malformed enter. Each have an effect on variations 4.6.0-4.6.1 and 4.4.0-4.4.11, with CVSS v3.1 base scores of 5.5 (Medium).​

CVE IDDescriptionAffected VersionsCVSS v3.1ReferencesCVE-2025-13945HTTP3 dissector crash on decryption4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-07​CVE-2025-13946MEGACO dissector infinite loop4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-08​

No exploits are recognized, however attackers may induce crashes remotely.​

The replace corrects an API/ABI change from 4.6.1, breaking plugins from 4.6.0. Further fixes cowl Omnipeek file assist, stack buffer overflow in BER dealing with, fuzz-induced crashes, and a base32 perform naming error. Home windows installers now embrace Visible C++ Redistributable 14.44.35112 for higher compatibility.

Up to date dissectors enhance parsing for ATM PW, COSEM, GTP, HTTP3, IEEE 802.15.4, MEGACO, PTP, SMTP, and others. Peektagged seize recordsdata achieve native assist, aiding various community forensics duties. No new protocols added, specializing in reliability.​

Customers ought to improve promptly by way of the Wireshark Obtain web page and confirm plugin compatibility. The Wireshark Basis encourages contributions at wiresharkfoundation.org. This launch bolsters Wireshark’s position in protocol schooling and SharkFest occasions.​

Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

Real-Time Threat Monitoring Tool Using Sigma and YARA Rules Real-Time Threat Monitoring Tool Using Sigma and YARA Rules Cyber Security News
U.S. Authorities Investigating Malicious Email Targeting Trade Talks with China U.S. Authorities Investigating Malicious Email Targeting Trade Talks with China Cyber Security News
Massive Data Breach Hits China’s Tianjin Supercomputing Center Massive Data Breach Hits China’s Tianjin Supercomputing Center Cyber Security News
FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process Cyber Security News
1inch rolls out expanded bug bounties with rewards up to 0K 1inch rolls out expanded bug bounties with rewards up to $500K Cyber Security News
New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack Cyber Security News