CVE-2025-35435: CWE-369 Divide By Zero in CISA Thorium

Severity: Medium
Tags: Vulnerability, CVE-2025-35435, CWE-369
Published: Wed Sep 17 2025 (09/17/2025, 16:53:22 UTC)
Source: CVE Database V5
Vendor/Project: CISA
Product: Thorium

Description

CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.

AI-Powered Analysis

Last updated: 10/01/2025, 00:17:01 UTC

Technical Analysis

CVE-2025-35435 is a medium severity vulnerability identified in CISA Thorium version 1.0.0, categorized under CWE-369 (Divide By Zero). The flaw arises because the Thorium service accepts a stream split size parameter that can be set to zero. When this occurs, the software attempts to divide by this zero value, leading to a runtime exception that causes the service to crash. This vulnerability requires an attacker to be authenticated to the system but does not require any user interaction. The attack vector is network-based (AV:N), and the attack complexity is low (AC:L), meaning an authenticated attacker with network access can reliably trigger the crash. The impact is limited to availability, as the vulnerability does not affect confidentiality or integrity. No known exploits are currently reported in the wild, and the issue has been fixed in a later commit (89101a6). The vulnerability does not allow privilege escalation or data compromise but can cause denial of service by crashing the Thorium service, potentially disrupting operations relying on it.

Potential Impact

For European organizations using CISA Thorium 1.0.0, this vulnerability poses a risk of service disruption due to denial of service attacks by authenticated users. While the impact is limited to availability and does not compromise data confidentiality or integrity, the crash of Thorium services could interrupt critical cybersecurity monitoring or response functions if Thorium is integrated into security operations. Organizations relying heavily on Thorium for threat detection or incident response may experience operational delays or gaps in security coverage during service downtime. The requirement for authentication limits the attack surface to insiders or compromised accounts, but insider threats or credential theft could still enable exploitation. Given the medium severity and the availability of a fix, timely patching is essential to maintain service reliability and avoid potential operational disruptions.

Mitigation Recommendations

1. Apply the patch or update to the fixed version of CISA Thorium that includes commit 89101a6 to eliminate the divide-by-zero flaw.
2. Restrict and monitor authenticated access to the Thorium service, enforcing strong authentication mechanisms and least privilege principles to reduce the risk of malicious insiders or compromised accounts exploiting the vulnerability.
3. Implement robust logging and alerting on abnormal service crashes or restarts to detect potential exploitation attempts promptly.
4. Conduct regular security audits and vulnerability scans on Thorium deployments to ensure no outdated versions remain in production.
5. Consider deploying application-layer protections such as input validation or filtering to prevent zero values from being accepted as stream split sizes if patching is delayed.
6. Establish incident response procedures to quickly recover from service disruptions caused by this vulnerability.
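The CWE-369 pattern from the Technical Analysis and the input-validation mitigation in item 5, shown side by side as an added example. This is hypothetical Rust (Thorium is a Rust project, but none of this is Thorium's code or the fix in commit 89101a6): the function names, the `stream_len`/`split_size` parameters and the error type are assumptions; the point is that a caller-supplied split size of zero reaches an integer division and panics, while checking it at the API boundary turns the crash into a rejected request.

```rust
// Added illustration of a divide-by-zero on a client-supplied "split size".
// Hypothetical code, not Thorium's; names and types are assumptions.
use std::num::NonZeroU64;

/// Vulnerable shape: trusts the caller's split size and divides by it.
/// Integer division by zero panics in Rust (debug and release builds),
/// which in a service means a dead worker or a crashed process.
pub fn chunk_count_unchecked(stream_len: u64, split_size: u64) -> u64 {
    stream_len / split_size + u64::from(stream_len % split_size != 0)
}

#[derive(Debug, PartialEq)]
pub enum SplitError {
    /// The request carried a split size of zero.
    ZeroSplitSize,
}

/// Hardened shape: validate once at the boundary and keep the proof in the
/// type, so later arithmetic cannot hit a zero divisor. The handler maps the
/// error to a 4xx response instead of panicking.
pub fn parse_split_size(raw: u64) -> Result<NonZeroU64, SplitError> {
    NonZeroU64::new(raw).ok_or(SplitError::ZeroSplitSize)
}

/// Number of chunks a stream splits into; rounds up for a partial last chunk.
pub fn chunk_count(stream_len: u64, split_size: NonZeroU64) -> u64 {
    let n = split_size.get();
    stream_len / n + u64::from(stream_len % n != 0)
}

/// What a request handler would do with the two raw inputs.
pub fn handle_request(stream_len: u64, raw_split_size: u64) -> Result<u64, SplitError> {
    let split = parse_split_size(raw_split_size)?;
    Ok(chunk_count(stream_len, split))
}

/// Shows the crash in the unchecked version. The panic is caught here only so
/// the example itself survives; black_box keeps the zero out of const folding.
pub fn unchecked_panics_on_zero() -> bool {
    let zero = std::hint::black_box(0u64);
    std::panic::catch_unwind(|| chunk_count_unchecked(1024, zero)).is_err()
}

fn main() {
    println!("unchecked version panics on zero: {}", unchecked_panics_on_zero());
    println!("checked, split size 0:   {:?}", handle_request(1024, 0));
    println!("checked, split size 256: {:?}", handle_request(1024, 256));
}
```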


Technical Details

Data Version
5.1
Assigner Short Name
cisa-cg
Date Reserved
2025-04-15T20:57:14.281Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68cae909b253b63d00f0f6e0

Added to database: 9/17/2025, 4:59:53 PM

Last enriched: 10/1/2025, 12:17:01 AM

Last updated: 11/1/2025, 2:13:37 AM
