DoS on multicast routing

DoS on multicast routing

Advisory ID	CVE Number	Date discovered	Severity	Advisory revision
STORM-2025-002	CVE-2025-27829	11/22/2024	medium	v1

Vulnerability details

On some static multicast configuration, it’s possible to stop multicast trafic by sending particuliar requests to the firewall.

Impacted products

Products	Severity	Detail
Stormshield Network Security	medium	SNS is impacted.

Revisions

Version	Date	Description
v1	03/27/2025	Initial release

Stormshield Network Security

CVSS v3.1 Overall Score: 4.8

Analysis	Impacted version
According to the multicast configuration applied on the SNS firewall, it may be possible to disrupt the multicast routing service currently running, resulting in a denial of service (DoS) of multicast routing.	4.3.0 to 4.3.34

Workaround solution

Solution

There is no workaround solution.

The following SNS firmware versions fix this vulnerability:

4.3.35

Attack Vector	Attack Complexity	Privileges Required	User Interaction	Scope	Confidentiality Impact	Integrity Impact	Availability impact
Network	Low	None	None	Unchanged	None	None	Low

CVSS Base score: 5.3	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploit Code Maturity	Remediation Level	Report Confidence
Proof of concept code	Official fix	Confirmed

CVSS Temporal score: 4.8	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C)

Confidentiality Requirement	Integrity Requirement	Availability Requirement
Medium	Medium	Medium

CVSS Environmental score: 4.8	CVSS Vector: (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C/CR:M/IR:M/AR:M/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)

RSS Feed Contact Report a vulnerability Legal terms STORMSHIELD Corporate website Personal Data