Open Source · Suricata · CVE-2025-59147
**Name of the Vulnerable Software and Affected Versions**
Suricata versions 7.0.11 and below
Suricata version 8.0.0
**Description**
Suricata, a network IDS, IPS and NSM engine, is subject to a detection bypass when it receives crafted traffic containing multiple SYN packets with differing sequence numbers within the same flow tuple. This can cause Suricata to fail to establish the TCP session. In Intrusion Detection System (IDS) mode, this leads to a bypass of detection and logging. In Intrusion Prevention System (IPS) mode, the flow is blocked.
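One way to look for the traffic pattern described above in packet metadata from an independent capture, as an added example that is not part of the advisory or of Suricata's code: it flags flow tuples that carry SYNs with differing sequence numbers inside a time window, while ignoring plain SYN retransmissions. The record layout, the 60-second window and the function name are assumptions, and the sample packets are constructed.

```python
from collections import defaultdict

# Constructed sample records (not real traffic):
# (timestamp, src, sport, dst, dport, tcp_flags, seq)
SAMPLE_PACKETS = [
    (0.000, "192.0.2.10", 40000, "198.51.100.5", 80, "S", 1000),
    (0.010, "192.0.2.10", 40000, "198.51.100.5", 80, "S", 1000),   # plain retransmission
    (0.020, "192.0.2.11", 40001, "198.51.100.5", 80, "S", 5000),
    (0.030, "192.0.2.11", 40001, "198.51.100.5", 80, "S", 9000),   # same tuple, new seq
    (0.040, "198.51.100.5", 80, "192.0.2.11", 40001, "SA", 7000),  # SYN/ACK is ignored
    (0.000, "192.0.2.12", 40002, "198.51.100.5", 443, "S", 100),
    (300.0, "192.0.2.12", 40002, "198.51.100.5", 443, "S", 200),   # port reuse much later
]

def find_conflicting_syns(packets, window=60.0):
    """Return {flow_tuple: sorted distinct SYN seqs} for tuples that carry
    two or more different SYN sequence numbers within `window` seconds."""
    syns = defaultdict(list)
    for ts, src, sport, dst, dport, flags, seq in packets:
        if flags == "S":  # pure SYN only, not SYN/ACK
            syns[(src, sport, dst, dport)].append((ts, seq))
    flagged = {}
    for flow, seen in syns.items():
        seen.sort()  # order by timestamp so the window check can stop early
        hits = set()
        for i, (ts_a, seq_a) in enumerate(seen):
            for ts_b, seq_b in seen[i + 1:]:
                if ts_b - ts_a > window:
                    break
                if seq_b != seq_a:
                    hits.update((seq_a, seq_b))
        if hits:
            flagged[flow] = sorted(hits)
    return flagged

if __name__ == "__main__":
    for flow, seqs in find_conflicting_syns(SAMPLE_PACKETS).items():
        print(flow, seqs)
```

The time window keeps ordinary reuse of a source port long after an earlier connection from being flagged; tune it to the environment.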
**Recommendations**
Update to Suricata version 7.0.12 or later.
Update to Suricata version 8.0.1 or later.