CVE-2025-35435: CWE-369 Divide By Zero in CISA Thorium
CISA Thorium accepts a stream split size of zero then divides by this value. A remote, authenticated attacker could cause the service to crash. Fixed in commit 89101a6.
AI Analysis
Technical Summary
CVE-2025-35435 is a medium-severity vulnerability identified in version 1.0.0 of the CISA Thorium product. The root cause is a divide-by-zero error (CWE-369) triggered when the software accepts a stream split size parameter set to zero and subsequently attempts to divide by this value. This flaw can be exploited by a remote attacker who has authenticated access to the system, allowing them to cause the Thorium service to crash, resulting in a denial of service (DoS) condition. The vulnerability does not impact confidentiality or integrity directly but affects availability by crashing the service. No user interaction is required beyond authentication, and the attack vector is network-based with low complexity. The issue was addressed and fixed in a later commit (89101a6), but no official patch links are provided in the data. There are no known exploits in the wild at the time of publication (September 2025). The CVSS v3.1 base score is 4.3, reflecting the limited impact scope and the requirement for authentication.
Potential Impact
For European organizations using CISA Thorium version 1.0.0, this vulnerability poses a risk primarily to service availability. An attacker with valid credentials could remotely crash the Thorium service, potentially disrupting critical operations that depend on it. This could lead to downtime, loss of productivity, and operational delays. While the vulnerability does not expose sensitive data or allow unauthorized data modification, the denial of service could impact incident response or security monitoring capabilities if Thorium is used in such contexts. Organizations in sectors with high availability requirements, such as finance, healthcare, and critical infrastructure, may experience operational risks. Additionally, repeated exploitation attempts could increase the risk of cascading failures or resource exhaustion on affected systems.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should:
1) Immediately upgrade CISA Thorium to a version that includes the fix from commit 89101a6 or later.
2) If an upgrade is not immediately possible, implement strict input validation on the stream split size parameter to reject zero or invalid values before they reach the vulnerable code path.
3) Restrict and monitor authenticated access to the Thorium service, employing strong authentication mechanisms and limiting user privileges to reduce the attack surface.
4) Deploy network-level protections such as firewalls and intrusion detection systems to detect and block anomalous requests targeting this parameter.
5) Implement robust service monitoring and automated restart mechanisms to minimize downtime in case of crashes.
6) Conduct regular audits and penetration testing focused on input validation and denial of service vectors to proactively identify similar issues.
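As an added example that is not Thorium's own code, the helper below shows the vulnerable pattern (dividing by a caller-supplied split size as received) next to the parameter validation recommended in item 2; the function names, the error type and the MAX_SPLIT_SIZE bound are assumptions.

```rust
// Added example (hypothetical, not Thorium's own code): a stream-chunking
// helper in its vulnerable form beside a hardened form that validates the
// caller-supplied split size before it reaches the division.

/// Upper bound on a chunk size; an assumed policy value, not from the advisory.
pub const MAX_SPLIT_SIZE: u64 = 64 * 1024 * 1024;

/// Vulnerable form: trusts `split_size` as received. Rust panics on integer
/// division by zero, and an unhandled panic on a request path takes the
/// worker down, which is the crash the advisory describes.
pub fn chunk_count_unchecked(stream_len: u64, split_size: u64) -> u64 {
    let full = stream_len / split_size; // panics when split_size == 0
    if stream_len % split_size == 0 { full } else { full + 1 }
}

#[derive(Debug, PartialEq)]
pub enum SplitSizeError {
    NotANumber(String),
    Zero,
    TooLarge(u64),
}

/// Parses and validates the raw parameter as it arrives on the request,
/// rejecting "0", negatives and garbage before any arithmetic happens.
pub fn parse_split_size(raw: &str) -> Result<u64, SplitSizeError> {
    // "-1", "abc", "" and "1.5" all fail to parse as u64 and are rejected here
    let size: u64 = raw
        .trim()
        .parse()
        .map_err(|_| SplitSizeError::NotANumber(raw.to_string()))?;
    match size {
        0 => Err(SplitSizeError::Zero),
        s if s > MAX_SPLIT_SIZE => Err(SplitSizeError::TooLarge(s)),
        s => Ok(s),
    }
}

/// Hardened form: only ever divides by a validated, non-zero size, and uses
/// checked_div as a second line of defence so a future caller cannot
/// reintroduce the panic by bypassing parse_split_size.
pub fn chunk_count_checked(stream_len: u64, raw_split: &str) -> Result<u64, SplitSizeError> {
    let split = parse_split_size(raw_split)?;
    let full = stream_len.checked_div(split).ok_or(SplitSizeError::Zero)?;
    Ok(if stream_len % split == 0 { full } else { full + 1 })
}
```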
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: cisa-cg
- Date Reserved: 2025-04-15T20:57:14.281Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68cae909b253b63d00f0f6e0
Added to database: 9/17/2025, 4:59:53 PM
Last enriched: 9/17/2025, 5:00:22 PM
Last updated: 9/17/2025, 5:00:36 PM