Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Wireshark 4.6.2 Released With Fix for Vulnerabilities, and Updated Protocol Support

Posted on By CWS

Wireshark 4.6.2, the most recent model of the main open-source community protocol analyzer, addresses important crash vulnerabilities and plugin compatibility points. This upkeep launch prioritizes stability for customers in troubleshooting and safety evaluation.​

Builders patched two denial-of-service vulnerabilities recognized in latest dissectors. The HTTP3 dissector crash (CVE-2025-13945) happens throughout decryption of site visitors by way of keylog recordsdata or seize recordsdata with secrets and techniques, probably triggered by malformed packets.

Equally, the MEGACO dissector infinite loop (CVE-2025-13946) could cause extreme CPU utilization beneath malformed enter. Each have an effect on variations 4.6.0-4.6.1 and 4.4.0-4.4.11, with CVSS v3.1 base scores of 5.5 (Medium).​

CVE IDDescriptionAffected VersionsCVSS v3.1ReferencesCVE-2025-13945HTTP3 dissector crash on decryption4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-07​CVE-2025-13946MEGACO dissector infinite loop4.6.0-4.6.1, 4.4.0-4.4.115.5wnpa-sec-2025-08​

No exploits are recognized, however attackers may induce crashes remotely.​

The replace corrects an API/ABI change from 4.6.1, breaking plugins from 4.6.0. Further fixes cowl Omnipeek file assist, stack buffer overflow in BER dealing with, fuzz-induced crashes, and a base32 perform naming error. Home windows installers now embrace Visible C++ Redistributable 14.44.35112 for higher compatibility.

Up to date dissectors enhance parsing for ATM PW, COSEM, GTP, HTTP3, IEEE 802.15.4, MEGACO, PTP, SMTP, and others. Peektagged seize recordsdata achieve native assist, aiding various community forensics duties. No new protocols added, specializing in reliability.​

Customers ought to improve promptly by way of the Wireshark Obtain web page and confirm plugin compatibility. The Wireshark Basis encourages contributions at wiresharkfoundation.org. This launch bolsters Wireshark’s position in protocol schooling and SharkFest occasions.​

Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

Microsoft Enhances Windows Security by Turning Off File Previews for Downloads Microsoft Enhances Windows Security by Turning Off File Previews for Downloads Cyber Security News
Hackers Actively Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells Hackers Actively Exploiting ArrayOS AG VPN Vulnerability to Deploy Webshells Cyber Security News
Critical Flaw in Trivy Scanner Added to CISA’s Vulnerability List Critical Flaw in Trivy Scanner Added to CISA’s Vulnerability List Cyber Security News
FancyBear Security Breach Uncovers NATO Espionage Efforts FancyBear Security Breach Uncovers NATO Espionage Efforts Cyber Security News
Securden Unified PAM Vulnerability Let Attackers Bypass Authentication Securden Unified PAM Vulnerability Let Attackers Bypass Authentication Cyber Security News
New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing New Report Claims Microsoft Used China-Based Engineers For SharePoint Support and Bug Fixing Cyber Security News