{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/network-security-sns-5.x/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*","cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":7.5,"id":"CVE-2025-9086"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Network Security (SNS) 4.3.x","Network Security (SNS) 4.4.x","Network Security (SNS) 4.8.x","Network Security (SNS) 5.x"],"_cs_severities":["medium"],"_cs_tags":["denial-of-service","network-security","cve-2025-9086"],"_cs_type":"advisory","_cs_vendors":["Stormshield"],"content_html":"\u003cp\u003eA vulnerability has been discovered in Stormshield Network Security (SNS) that allows an attacker to cause a remote denial of service. The vulnerability affects SNS versions 4.3.x prior to 4.3.43, SNS versions 4.4.x to 4.8.x prior to 4.8.16, and SNS versions 5.x prior to 5.0.6. An attacker exploiting this vulnerability can disrupt the availability of the affected SNS devices, potentially impacting network security and accessibility. The vulnerability is identified as CVE-2025-9086 and is detailed in StormShield security bulletin 2026-010. This poses a significant threat to organizations relying on Stormshield SNS for network security, requiring immediate patching.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker identifies a vulnerable Stormshield Network Security (SNS) device running an affected version (4.3.x before 4.3.43, 4.4.x to 4.8.x before 4.8.16, or 5.x before 5.0.6).\u003c/li\u003e\n\u003cli\u003eAttacker crafts a malicious network packet specifically designed to exploit CVE-2025-9086. The specific details of the packet structure are not publicly available but target a known vulnerability.\u003c/li\u003e\n\u003cli\u003eAttacker sends the crafted packet to the vulnerable SNS device over the network.\u003c/li\u003e\n\u003cli\u003eThe SNS device receives and processes the malicious packet.\u003c/li\u003e\n\u003cli\u003eDue to the vulnerability, processing of the packet causes the SNS device to enter a denial-of-service state. This may involve crashing the device, exhausting its resources, or causing it to become unresponsive.\u003c/li\u003e\n\u003cli\u003eThe SNS device becomes unavailable, disrupting network traffic and security services it provides.\u003c/li\u003e\n\u003cli\u003eLegitimate users are unable to access network resources protected by the affected SNS device.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2025-9086 results in a denial-of-service condition on the Stormshield Network Security (SNS) device. This can lead to network outages, disruptions in service availability, and potential exposure of internal network resources. The impact depends on the role of the SNS device within the network infrastructure, but can range from localized service interruptions to widespread network failures. Organizations relying on SNS for critical security functions are particularly vulnerable.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImmediately patch Stormshield Network Security (SNS) devices to the latest versions to address CVE-2025-9086, as detailed in StormShield security bulletin 2026-010.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for suspicious packets targeting Stormshield SNS devices. Tuning and deployment of the provided network connection rule can detect potential exploitation attempts.\u003c/li\u003e\n\u003cli\u003eReview and update incident response plans to include procedures for addressing denial-of-service attacks targeting network security devices.\u003c/li\u003e\n\u003cli\u003eApply the provided Sigma rule for process creation to detect potential exploitation attempts on vulnerable systems.\u003c/li\u003e\n\u003cli\u003eConsult the Stormshield advisory (\u003ca href=\"https://advisories.stormshield.eu/2026-010\"\u003ehttps://advisories.stormshield.eu/2026-010\u003c/a\u003e) for detailed patching instructions and mitigation guidance.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-22T13:06:39Z","date_published":"2026-05-22T13:06:39Z","id":"https://feed.craftedsignal.io/briefs/2026-05-stormshield-dos/","summary":"A remote denial-of-service vulnerability exists in Stormshield Network Security (SNS) versions 4.3.x before 4.3.43, 4.4.x to 4.8.x before 4.8.16, and 5.x before 5.0.6, allowing an attacker to disrupt service availability.","title":"Stormshield Network Security (SNS) Remote Denial-of-Service Vulnerability","url":"https://feed.craftedsignal.io/briefs/2026-05-stormshield-dos/"}],"language":"en","title":"CraftedSignal Threat Feed — Network Security (SNS) 5.x","version":"https://jsonfeed.org/version/1.1"}