Detections
Analytics

Wireshark 4.2.x < 4.2.14 A Vulnerability

high Nessus Plugin ID 269771

Language:

Synopsis

An application installed on the remote Windows host is affected by a vulnerability.

Description

The version of Wireshark installed on the remote Windows host is prior to 4.2.14. It is, therefore, affected by a vulnerability as referenced in the wireshark-4.2.14 advisory.

 - The MONGO dissector could go into an infinite loop. Discovered in our internal testing environment. We are unaware of any exploits for this issue. It may be possible to make Wireshark consume excessive CPU resources by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. (wireshark-bug-20724)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Wireshark version 4.2.14 or later.

See Also

https://www.wireshark.org/docs/relnotes/wireshark-4.2.14.html

https://gitlab.com/wireshark/wireshark/-/issues/20724

https://www.wireshark.org/security/wnpa-sec-2025-04

Plugin Details

Severity: High

ID: 269771

File Name: wireshark_4_2_14.nasl

Version: 1.1

Type: local

Agent: windows

Family: Windows

Published: 10/9/2025

Updated: 10/9/2025

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: cpe:/a:wireshark:wireshark

Required KB Items: installed_sw/Wireshark, SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Patch Publication Date: 10/8/2025

Vulnerability Publication Date: 10/8/2025