CVE-2025-68381Out-of-bounds Write in Elasticsearch Packetbeat

CWE-787Out-of-bounds Write4 documents4 sources
Severity
6.5MEDIUMNVD
EPSS
0.1%
top 81.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Elasticsearch PacketbeatElastic Packetbeat
Timeline
PublishedDec 18
Latest updateDec 19

Description

Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

NVDelasticsearch/packetbeat8.0.08.19.9+3
CVEListV5elastic/packetbeat7.0.07.17.29+3

🔴Vulnerability Details

2
GHSA
GHSA-9gqx-7h84-8hg2: Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash2025-12-19
CVEList
Packetbeat Improper Bounds Check2025-12-18

🕵️Threat Intelligence

1
Wiz
CVE-2025-68381 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-68381 — Out-of-bounds Write in Elasticsearch | cvebase