CVE-2025-13674: CWE-824: Access of Uninitialized Pointer in Wireshark Foundation Wireshark
BPv7 dissector crash in Wireshark 4.6.0 allows denial of service
AI Analysis
Technical Summary
CVE-2025-13674 is a vulnerability identified in Wireshark version 4.6.0, specifically within the BPv7 protocol dissector component. The issue stems from an access of an uninitialized pointer (CWE-824), which can cause the application to crash, resulting in a denial of service (DoS). This vulnerability does not affect confidentiality or integrity but impacts availability by causing Wireshark to terminate unexpectedly when processing crafted BPv7 packets. The attack vector is local (AV:L), meaning the attacker must have local access to the system running Wireshark. No privileges are required (PR:N), but user interaction is necessary (UI:R), such as opening a malicious capture file. The scope remains unchanged (S:U), indicating the vulnerability affects only the vulnerable component without extending beyond it. The CVSS v3.1 base score is 5.5, categorizing it as medium severity. There are no known exploits in the wild at the time of publication, and no patches have been linked yet, though it is expected that the Wireshark Foundation will release a fix. The vulnerability highlights the risks of processing untrusted network capture data and the importance of secure parsing in protocol dissectors.
Potential Impact
For European organizations, the primary impact of CVE-2025-13674 is the potential for denial of service on systems running Wireshark 4.6.0, particularly those used for network monitoring, analysis, or forensic investigations. This could disrupt incident response activities or network troubleshooting, leading to delayed detection and mitigation of other security incidents. While the vulnerability does not compromise data confidentiality or integrity, the availability impact could affect operational continuity in security operations centers (SOCs) and network management teams. Organizations relying heavily on Wireshark for real-time packet analysis may experience interruptions if malicious or malformed BPv7 packets are processed. The requirement for local access and user interaction limits the attack surface, but insider threats or compromised user accounts could exploit this vulnerability. The lack of known exploits reduces immediate risk, but the presence of this flaw underscores the need for vigilance in handling network capture files from untrusted sources.
Mitigation Recommendations
European organizations should proactively mitigate this vulnerability as follows:
1) Avoid using Wireshark version 4.6.0 until a patched version is released by the Wireshark Foundation.
2) If an immediate upgrade is not possible, disable or avoid using the BPv7 dissector when analyzing untrusted or unknown capture files to prevent triggering the vulnerability.
3) Implement strict access controls to limit local user access to systems running Wireshark, reducing the risk of exploitation via local vectors.
4) Educate users and analysts to avoid opening suspicious or unverified capture files, especially those containing BPv7 traffic.
5) Monitor Wireshark Foundation advisories and apply patches promptly once available.
6) Employ network segmentation and endpoint protection to reduce the likelihood of attackers gaining local access.
7) Consider alternative packet analysis tools temporarily if Wireshark usage is critical and patching is delayed.
These targeted steps go beyond generic advice by focusing on the specific conditions and components involved in this vulnerability.
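The first two recommendations can be checked per workstation. The script below is an added example, not part of the advisory or of Wireshark: it classifies a host from the `tshark --version` text and the profile's `disabled_protos` file. The filter name `bpv7` and the default Linux profile path are assumptions; verify both on your installation.

```shell
#!/bin/sh
# Added example: audit a host against the conditions in this advisory.
AFFECTED_VERSION="4.6.0"   # affected version as stated in the advisory
BPV7_PROTO="bpv7"          # assumed filter name of the BPv7 dissector

# Extract the first x.y.z version number from `tshark --version` text.
parse_version() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Succeed if protocol $1 appears as a whole line in the
# disabled_protos file $2 (one protocol name per line).
proto_disabled() {
    [ -f "$2" ] && grep -qxF "$1" "$2"
}

# Print one of: unknown, version-not-listed, mitigated, exposed.
# $1 = version text, $2 = path to disabled_protos
assess() {
    ver=$(parse_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"
    elif [ "$ver" != "$AFFECTED_VERSION" ]; then
        echo "version-not-listed"
    elif proto_disabled "$BPV7_PROTO" "$2"; then
        echo "mitigated"
    else
        echo "exposed"
    fi
}

# Run against the local install only when invoked with --run.
# The profile path is the assumed Linux default; pass another as $2.
if [ "${1:-}" = "--run" ]; then
    assess "$(tshark --version 2>/dev/null)" \
           "${2:-$HOME/.config/wireshark/disabled_protos}"
fi
```

A result of `exposed` means the host runs the affected version with the dissector still enabled; `version-not-listed` only means the version differs from the one this page names.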
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitLab
- Date Reserved: 2025-11-25T18:33:44.747Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6926e80361dc91128fa27e5a
Added to database: 11/26/2025, 11:44:03 AM
Last enriched: 11/26/2025, 11:58:39 AM
Last updated: 11/26/2025, 8:32:54 PM