CVE-2025-13674 is a vulnerability identified in Wireshark version 4.6.0, specifically within the BPv7 protocol dissector. The root cause is an access of an uninitialized pointer (CWE-824), which can lead to a denial of service condition by crashing the Wireshark application when it processes specially crafted BPv7 packets. This flaw arises because the dissector attempts to read memory that has not been properly initialized, causing instability and application failure. The vulnerability requires local access since Wireshark is typically run by users analyzing network traffic, and it also requires user interaction to open or process the malicious packet capture. The CVSS v3.1 base score is 5.5, indicating a medium severity level. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), but user interaction is necessary (UI:R). The impact is limited to availability (A:H), with no confidentiality or integrity impact. No patches were linked at the time of publication, and no known exploits have been reported in the wild. This vulnerability could be exploited by an attacker who can convince a user to open a malicious capture file containing crafted BPv7 packets, causing Wireshark to crash and denying service to the user or analyst.

The primary impact of CVE-2025-13674 is denial of service through application crashes, which can disrupt network analysis and monitoring activities. For organizations relying on Wireshark for troubleshooting, incident response, or network security monitoring, such crashes can delay detection and response to real threats. Although this vulnerability does not compromise data confidentiality or integrity, the loss of availability can hinder operational efficiency and forensic investigations. In environments where Wireshark is used extensively, repeated crashes could lead to reduced trust in the tool or force analysts to switch to alternative solutions, potentially increasing operational costs. Since exploitation requires user interaction and local access, the risk is somewhat limited to targeted attacks or accidental exposure to malicious capture files. No known active exploitation reduces immediate risk but does not eliminate the potential for future attacks once exploit code becomes available.

To mitigate CVE-2025-13674, organizations should monitor Wireshark Foundation announcements and promptly apply patches once available. Until a patch is released, users should avoid opening untrusted or suspicious packet capture files, especially those containing BPv7 protocol data. Network administrators can implement strict file handling policies and restrict the use of Wireshark to trusted personnel. Employing sandboxing or running Wireshark in isolated environments can limit the impact of crashes. Additionally, educating users about the risks of opening unknown capture files and verifying the source of such files can reduce exposure. Network segmentation and limiting access to sensitive capture files further reduce the attack surface. Finally, consider using alternative packet analysis tools that do not exhibit this vulnerability if immediate patching is not feasible.