cbcvebase.
CVE-2025-68383
published 2025-12-18

CVE-2025-68383: Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to…

PriorityP424medium6.5CVSS 3.1
AVAACLPRNUINSUCNINAH
EPSS
0.17%
6.5th percentile
Improper Validation of Specified Index, Position, or Offset in Input (CWE-1285) in Filebeat Syslog parser and the Libbeat Dissect processor can allow a user to trigger a Buffer Overflow (CAPEC-100) and cause a denial of service (panic/crash) of the Filebeat process via either a malformed Syslog message or a malicious tokenizer pattern in the Dissect configuration.

Affected

13 ranges
VendorProductVersion rangeFixed in
elasticfilebeat7.0.0 – 7.17.29
elasticfilebeat>= 8.0.0 < 8.19.98.19.9
elasticfilebeat8.0.0 – 8.19.8
elasticfilebeat>= 9.0.0 < 9.1.99.1.9
elasticfilebeat9.0.0 – 9.1.8
elasticfilebeat>= 9.2.0 < 9.2.39.2.3
elasticfilebeat9.2.0 – 9.2.2
github.comelastic_beats0 – 7.6.2
github.comelastic_beats_v7>= 0 < 7.0.0-alpha2.0.20251204214633-dd3af18220bf7.0.0-alpha2.0.20251204214633-dd3af18220bf
github.comelastic_beats_v7>= 7.7.0 < 8.19.98.19.9
github.comelastic_beats_v7>= 7.7.0
github.comelastic_beats_v7>= 9.0.0 < 9.1.99.1.9
github.comelastic_beats_v7>= 9.2.0 < 9.2.39.2.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.