CVE-2025-68381

Published: Dec 18, 2025Modified: Dec 23, 2025

6.5

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: security@elastic.co (Secondary)

Description

Improper Bounds Check (CWE-787) in Packetbeat can allow a remote unauthenticated attacker to exploit a Buffer Overflow (CAPEC-100) and reliably crash the application or cause significant resource exhaustion via a single crafted UDP packet with an invalid fragment sequence number.

Affected (4)

Products: Elasticsearch: Packetbeat

Elasticsearch

1 product

Packetbeat

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Elasticsearch Packetbeat	From 7.0.0 to 7.17.29
Elasticsearch Packetbeat	From 8.0.0 to 8.19.9
Elasticsearch Packetbeat	From 9.0.0 to 9.1.9
Elasticsearch Packetbeat	From 9.2.0 to 9.2.3

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-30/384178

Source: security@elastic.co

Vendor Advisory

Timeline

No history available yet.