"alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"AM EXPLOIT Suricata < v8.0.1 Detection Bypass via SYN packets (CVE-2025-59147)"; flow:to_server,stateless; flags:S; ack:0; threshold: type threshold, track by_src, count 2, seconds 5; reference:url,redmine.openinfosecfoundation.org/issues/7657; reference:cve,CVE-2025-59147; classtype:bad-unknown; sid:3063332; rev:9; metadata: affected_asset dst, affected_product oisf:suricata, affected_vendor suricata, attack_target Networking_Equipment, tag T1211, tias_category Exploitation;)"