Start your free trial today.

Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.

Your Shield Against Threats

Unleash the Power of Cybersecurity

Boost Your Security, Enhance Your Business

We solve Your Cyber Challenges

Quick Links

Resources

Deepaegis Portals

Vulnerability Advisory : Positive Technologies MaxPatrol 8 & XSpider Remote DoS with LOW Attack Complexity

Summary

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remote attacker can repeatedly issue HTTPS requests to the service, causing excessive allocation of session identifiers. Under load, session identifier collisions may occur, forcing active client sessions to disconnect and resulting in service disruption.

Impact Assessment

Timeline

Published

November 14, 2025

Last Modified

November 14, 2025

Related Advisories