Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Posted on By CWS

Wireshark 4.6.2, the most recent model of the main open-source community protocol analyzer, addresses important crash vulnerabilities and plugin compatibility points. This upkeep launch prioritizes stability for customers in troubleshooting and safety evaluation.​

Builders patched two denial-of-service vulnerabilities recognized in latest dissectors. The HTTP3 dissector crash (CVE-2025-13945) happens throughout decryption of site visitors by way of keylog recordsdata or seize recordsdata with secrets and techniques, probably triggered by malformed packets.

Equally, the MEGACO dissector infinite loop (CVE-2025-13946) could cause extreme CPU utilization beneath malformed enter. Each have an effect on variations 4.6.0-4.6.1 and 4.4.0-4.4.11, with CVSS v3.1 base scores of 5.5 (Medium).​

CVE IDDescriptionAffected VersionsCVSS v3.1ReferencesCVE-2025-13945HTTP3 dissector crash on decryption4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-07​CVE-2025-13946MEGACO dissector infinite loop4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-08​

No exploits are recognized, however attackers may induce crashes remotely.​

The replace corrects an API/ABI change from 4.6.1, breaking plugins from 4.6.0. Further fixes cowl Omnipeek file assist, stack buffer overflow in BER dealing with, fuzz-induced crashes, and a base32 perform naming error. Home windows installers now embrace Visible C++ Redistributable 14.44.35112 for higher compatibility.

Up to date dissectors enhance parsing for ATM PW, COSEM, GTP, HTTP3, IEEE 802.15.4, MEGACO, PTP, SMTP, and others. Peektagged seize recordsdata achieve native assist, aiding various community forensics duties. No new protocols added, specializing in reliability.​

Customers ought to improve promptly by way of the Wireshark Obtain web page and confirm plugin compatibility. The Wireshark Basis encourages contributions at wiresharkfoundation.org. This launch bolsters Wireshark’s position in protocol schooling and SharkFest occasions.​

Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites Cyber Security News
MediaTek July 2025 Security Update Patches Vulnerabilities Affecting a Wide Range of Their Chipsets Cyber Security News
FBI Warns of Fake Internet Crime Complaint Center (IC3) Website Used for Phishing Attacks Cyber Security News
Insider Threats in 2025 Detection and Prevention Strategies Cyber Security News
North Korean Hackers Using Fake Zoom Invites to Attack Crypto Startups Cyber Security News
Ransomware Negotiation When and How to Engage Attackers Cyber Security News