Stormshield Network Security Vulnerability in High Availability Configurations
CVE-2025-48707

7.5HIGH

Key Information:

Vendor: Stormshield
Status: Stormshield Network Security
Vendor: CVE Published:; 25 September 2025

🔔 Create Stormshield Vulnerability Alert

What is CVE-2025-48707?

The vulnerability identified in Stormshield Network Security prior to version 5.0.1 involves a misconfiguration in high availability (HA) scenarios. Specifically, TPM authentication information can be inadvertently shared among administrators, posing a significant risk of secret sharing and potential exploitation. This issue underlines the importance of maintaining secure configurations and updating to the latest version to mitigate risks.

References

https://advisories.stormshield.eu/2025-003/

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 25, 2025
Vulnerability Reserved
May 23, 2025

CVE-2025-48707 Data

JSON