What is CVE-2022-0583?

CVE-2022-0583 is a medium-severity vulnerability in Wireshark affecting versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11. It allows denial of service through crafted packets, requiring immediate attention from organizations.

What is the severity of CVE-2022-0583?

CVE-2022-0583 has a severity rating of MEDIUM with a CVSS base score of 6.3.

CVE-2022-0583 | Medium Vulnerability in Wireshark

CVE-2022-0583 describes a vulnerability in Wireshark, specifically in the PVFS protocol dissector. This issue affects versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11, allowing for denial of service through packet injection or crafted capture files. This vulnerability is classified as medium severity with a CVSS score of 6.3. The risk to organizations includes potential service interruptions, making it a critical issue that should not be overlooked.

Organizations should prioritize patching immediately. The exploitation potential is significant, as it can lead to denial of service, rendering affected systems unusable. The urgency for defenders to address this vulnerability is heightened due to its impact on service availability.

Currently, the vulnerability is not listed in the Known Exploited Vulnerabilities (KEV) catalog, and there have been no confirmed exploits in public databases. However, organizations must stay vigilant and implement the necessary remediations to mitigate any risks associated with this vulnerability.

The publication date of this vulnerability was February 14, 2022, and it has since been modified to reflect its current status. Organizations should review their systems and ensure that they are running versions of Wireshark that are not vulnerable to this issue.

As part of a comprehensive security strategy, implementing regular vulnerability assessments and adopting proactive security measures are crucial for maintaining a secure environment.

Vulnerability Details

CVE-2022-0583 allows for denial of service due to a crash in the PVFS protocol dissector. The CVSS score of 6.3 indicates a medium severity level, reflecting a potential impact on availability. The affected vendor is Wireshark, specifically versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11. The vulnerability was published on February 14, 2022, and is associated with the Common Weakness Enumeration (CWE) ID CWE-787.

Technical Analysis

The root cause of this vulnerability stems from inadequate handling of certain input data within the PVFS protocol dissector. When crafted packets are processed, the application may crash, leading to a denial of service.

The attack vector for this vulnerability is network-based, allowing attackers to exploit it from remote locations. The attack complexity is low, meaning that minimal effort is required to trigger the vulnerability. No privileges are required, and while user interaction is needed to open a crafted capture file, the impact on confidentiality, integrity, and availability is significant, with availability being notably affected.

Risk & Impact Analysis

The risk to organizations includes potential service interruptions that can impact operations. Given the medium severity score, organizations should assess the potential blast radius of this vulnerability within their networks, particularly those utilizing affected versions of Wireshark.

Organizations should address this vulnerability in priority patch cycles. Regular vulnerability assessments and timely patch management are essential to mitigate risks associated with such vulnerabilities.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

Affected versions include Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11. Organizations should ensure they upgrade to versions 3.4.12 or 3.6.2 or later to mitigate this vulnerability.

Mitigation & Remediation

Organizations should prioritize patching Wireshark to the latest versions to resolve this vulnerability. If immediate patching is not possible, consider implementing network segmentation to limit exposure. For ongoing security, regular vulnerability assessments and penetration testing should be part of the security strategy. For more information on penetration testing, organizations can refer to penetration testing services that can help identify vulnerabilities.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for anomalies related to the PVFS protocol. Additionally, monitoring for unusual network traffic patterns and analyzing system behavior when handling crafted capture files can provide insights into potential attacks.

AppSecure Threat Intelligence Insight

This vulnerability reflects a growing trend in network protocol vulnerabilities, emphasizing the need for robust testing and vulnerability management. Security teams should adopt a proactive approach to identify and address such issues before they can be exploited. For further insights into enhancing security measures, refer to our articles on penetration testing methodologies, vulnerability management programs, and security testing best practices to reinforce their security posture.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2022-0583: Medium Vulnerability in Wireshark