TPM Information leak between SNS administrators

Advisory ID: STORM-2025-003
CVE Number: CVE-2025-48707
Date discovered: 10/01/2024
Severity: low
Advisory revision: v2

Vulnerability details

TPM authentication information can be shared between administrators in some cases.

Impacted products

Products Severity Detail
Stormshield Network Security low SNS is impacted

Revisions

Version Date Description
v1 09/24/2025 Initial release.
v2 10/06/2025 List of concerned products added.


Stormshield Network Security

CVSS v3.1 Overall Score: 2.5      

Analysis

TPM authentication information can, in some HA use cases, be shared among users through some verbose system files if verbose is enabled (verbose is disabled by default).

It is recommended to update passwords if your SNS appliance is affected by this vulnerability.

List of SNS products with TPM:

  • SN-XS-Series-170 / SNi10
  • SN-S-Series (220/320)
  • SN-M-Series-520
  • SN-M-Series (720/920)
  • SN1100
  • SN3100
  • SN-L-Series (2200/3200)
  • SN-XL-Series (5200/6200)
  • SNi20
  • SNxr1200

Impacted version

  • SNS 4.3.0 to 4.3.39
  • SNS 4.7.0 to 4.7.10
  • SNS 4.8.0 to 4.8.11
  • SNS 5.0.0

Workaround solution

Disabling verbose in the ConfigFiles/serverd file will prevent the information leak.

Solution

The following updates will fix this vulnerability.

  • SNS 4.3.40
  • SNS 4.8.12
  • SNS 5.0.1
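
Added example (not part of the Stormshield advisory or of any Stormshield tooling): a Python triage of firmware version strings against the impacted versions and fixed releases listed in this advisory. The function names and the sample inventory are assumptions constructed for illustration; the script does not check whether an appliance has a TPM or whether verbose is enabled.

```python
import re

# Affected ranges from this advisory: (first affected, last affected, fixed release).
AFFECTED = [
    ((4, 3, 0), (4, 3, 39), "4.3.40"),
    ((4, 7, 0), (4, 7, 10), None),  # the advisory lists no fixed 4.7 release
    ((4, 8, 0), (4, 8, 11), "4.8.12"),
    ((5, 0, 0), (5, 0, 0), "5.0.1"),
]

def parse_version(text):
    """Parse 'SNS 4.8.11' or '4.8.11' into a tuple of three integers."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(p) for p in m.groups())

def triage(version_text):
    """Return (affected, fixed_release) for one firmware version string."""
    v = parse_version(version_text)
    for low, high, fix in AFFECTED:
        if low <= v <= high:
            return True, fix
    return False, None

def triage_inventory(inventory):
    """Map hostname -> action for a {hostname: version string} inventory."""
    report = {}
    for host, version in inventory.items():
        try:
            affected, fix = triage(version)
        except ValueError:
            report[host] = "unknown version, check manually"
            continue
        if not affected:
            report[host] = "not in a range listed by the advisory"
        elif fix:
            report[host] = f"affected, update to SNS {fix}"
        else:
            report[host] = "affected, no fix listed for this branch; disable verbose"
    return report

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = {"fw-paris": "SNS 4.3.39", "fw-lyon": "4.7.4", "fw-lille": "4.8.12",
          "fw-nice": "5.0.0", "fw-lab": "n/a"}

if __name__ == "__main__":
    for host, action in triage_inventory(SAMPLE).items():
        print(f"{host}: {action}")
```
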


Attack Vector: Local
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged
Confidentiality Impact: Low
Integrity Impact: None
Availability Impact: None
CVSS Base score: 2.3
CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)

Exploit Code Maturity: Proof of concept code
Remediation Level: Official fix
Report Confidence: Confirmed
CVSS Temporal score: 2.1
CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C)

Confidentiality Impact (MC): Low
Integrity Impact (MI): Low
Availability Impact (MA): Low
Confidentiality Requirement (CR): Low
Integrity Requirement (IR): Low
Availability Requirement (AR): Low
CVSS Environmental score: 2.5
CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C/CR:L/IR:L/AR:L/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:L/MI:L/MA:L)