Description
Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remote attacker can repeatedly issue HTTPS requests to the service, causing excessive allocation of session identifiers. Under load, session identifier collisions may occur, forcing active client sessions to disconnect and resulting in service disruption.
References (4)
Core References
Various Sources (exploit): https://vulners.com/zdt/1337DAY-ID-36775
Various Sources (product): https://www.ptsecurity.com/
Third Party Advisory (third-party-advisory): https://www.vulncheck.com/advisories/positive-technologies-maxpatrol-8-and-xspider-remote-dos
Issue Tracking (exploit): https://cxsecurity.com/issue/WLB-2021090114
Scores
CVSS v4: 8.7
EPSS: 0.0040
EPSS Percentile: 32.0%
CVSS v4 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: partial
Details
CWE: CWE-400
Status: published
Products (2)
Positive Technologies/MaxPatrol 8 (Server): versions < 09.2020
Positive Technologies/XSpider (Server): versions < 09.2020
Published: Nov 14, 2025
Tracked Since: Feb 18, 2026