Skip to main content

Stormshield Network Security

23 CVEs product

Monthly

CVE-2026-8482 MEDIUM This Month

Secret credential leakage in StormShield Network Security's CLI tool exposes the proxy CA passphrase or TPM password to other users sharing an SSH session on the firewall appliance. Affected versions span three distinct branches - 4.3.0-4.3.41, 4.8.0-4.8.15, and 5.0.0-5.0.5 - and exploitation is gated behind SSH multiuser mode being explicitly enabled. No active exploitation has been confirmed by CISA KEV and no public proof-of-concept has been identified at time of analysis, though the leaked secrets carry high downstream value for privilege escalation or certificate authority abuse.

Information Disclosure Stormshield Network Security
NVD VulDB
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-8480 MEDIUM This Month

Administrative access to the Stormshield Network Security captive-admin portal is bypassed when an attacker presents a revoked client certificate, because the portal does not enforce certificate revocation checks during TLS mutual authentication. Affected versions span three branches: 4.3.0-4.3.41, 4.4.0-4.8.15, and 5.0.2 EA-5.0.5. No public exploit has been identified at time of analysis and the vulnerability is absent from CISA KEV, but the threat actor population is meaningfully constrained - exploitation requires prior possession of a certificate that was specifically issued for this portal and then revoked.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-48707 HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-28616 HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-47091 HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-47093 MEDIUM This Month

An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2023-41166 MEDIUM This Month

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2023-26095 HIGH This Week

ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-20052 MEDIUM This Month

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Secure Endpoint Secure Endpoint Private Cloud Clamav Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
7.0%
CVE-2023-20032 CRITICAL Act Now

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service Secure Endpoint Secure Endpoint Private Cloud +3
NVD
CVSS 3.1
9.8
EPSS
29.3%
CVE-2023-0286 LIB HIGH PATCH This Week

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption OpenSSL Denial Of Service Stormshield Management Center Stormshield Network Security
NVD
CVSS 3.1
7.4
EPSS
59.5%
CVE-2022-40617 HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux Debian Linux Fedora +1
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-27812 HIGH This Week

Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-37434 CRITICAL POC PATCH THREAT Act Now

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Zlib Fedora Debian Linux +14
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
16.0%
CVE-2022-30279 HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-23989 HIGH This Week

In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-28127 HIGH This Week

An issue was discovered in Stormshield SNS through 4.2.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2021-28665 HIGH This Week

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Network Security Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2021-27506 MEDIUM This Month

The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netasq Stormshield Network Security Clamav
NVD
CVSS 3.1
5.5
EPSS
1.3%
CVE-2021-3384 MEDIUM This Month

A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
CVSS 3.1
5.3
EPSS
1.0%
CVE-2020-7466 HIGH POC PATCH This Week

The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure Mpd Stormshield Network Security
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2020-7465 CRITICAL POC PATCH Act Now

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service Memory Corruption Mpd +1
NVD
CVSS 3.1
9.8
EPSS
2.9%
CVE-2020-8430 MEDIUM This Month

Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Stormshield Network Security
NVD
CVSS 3.1
6.1
EPSS
0.9%
EPSS 0% CVSS 4.3
MEDIUM This Month

Secret credential leakage in StormShield Network Security's CLI tool exposes the proxy CA passphrase or TPM password to other users sharing an SSH session on the firewall appliance. Affected versions span three distinct branches - 4.3.0-4.3.41, 4.8.0-4.8.15, and 5.0.0-5.0.5 - and exploitation is gated behind SSH multiuser mode being explicitly enabled. No active exploitation has been confirmed by CISA KEV and no public proof-of-concept has been identified at time of analysis, though the leaked secrets carry high downstream value for privilege escalation or certificate authority abuse.

Information Disclosure Stormshield Network Security
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM This Month

Administrative access to the Stormshield Network Security captive-admin portal is bypassed when an attacker presents a revoked client certificate, because the portal does not enforce certificate revocation checks during TLS mutual authentication. Affected versions span three branches: 4.3.0-4.3.41, 4.4.0-4.8.15, and 5.0.2 EA-5.0.5. No public exploit has been identified at time of analysis and the vulnerability is absent from CISA KEV, but the threat actor population is meaningfully constrained - exploitation requires prior possession of a certificate that was specifically issued for this portal and then revoked.

Information Disclosure Stormshield Network Security
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Stormshield Network Security
NVD
EPSS 0% CVSS 7.5
HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stormshield Network Security
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
EPSS 1% CVSS 7.5
HIGH This Week

ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
EPSS 7% CVSS 5.3
MEDIUM This Month

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Secure Endpoint Secure Endpoint Private Cloud +2
NVD
EPSS 29% CVSS 9.8
CRITICAL Act Now

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Denial Of Service +5
NVD
EPSS 60% CVSS 7.4
HIGH PATCH This Week

There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption OpenSSL Denial Of Service +2
NVD
EPSS 2% CVSS 7.5
HIGH This Week

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Ubuntu Linux +3
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
EPSS 16% CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Zlib +16
NVD GitHub VulDB
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference Stormshield Network Security
NVD
EPSS 1% CVSS 7.5
HIGH This Week

In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Stormshield Network Security
NVD
EPSS 1% CVSS 7.5
HIGH This Week

An issue was discovered in Stormshield SNS through 4.2.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Network Security Stormshield Network Security
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netasq Stormshield Network Security +1
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Stormshield Network Security
NVD
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service Information Disclosure +2
NVD
EPSS 3% CVSS 9.8
CRITICAL POC PATCH Act Now

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Denial Of Service +3
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Stormshield Network Security
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy