Executive Summary

CVE-2025-55084 is a moderate severity vulnerability in NetX Duo (Eclipse ThreadX) versions before 6.4.4. It is an off-by-one out-of-bounds read in the function _nx_secure_tls_proc_clienthello_supported_versions_extension(), which processes the "supported versions" extension in a TLS ClientHello packet. The function incorrectly checks the length and then reads two bytes per iteration without ensuring the second byte is within bounds, leading to a buffer over-read if the extension content length is odd. This can cause information disclosure or application instability. [1]

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can be exploited remotely without any privileges or user interaction. It may lead to information disclosure due to the out-of-bounds read, or cause application instability. However, it does not impact integrity or availability. [1]

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by monitoring TLS ClientHello packets for malformed 'supported versions' extensions where the extension content length is odd, potentially causing out-of-bounds reads. Network packet inspection tools like Wireshark or tshark can be used to capture and analyze TLS ClientHello messages. For example, using tshark, you can filter TLS ClientHello packets and inspect the supported_versions extension length field for anomalies. However, no specific detection commands are provided in the resources. [1]

Useful 0 Not Useful 0

Mitigation Strategies

The immediate mitigation step is to upgrade NetX Duo to version 6.4.4 or later, where this vulnerability is fixed. Avoid using vulnerable versions (prior to 6.4.4). Additionally, applying network-level protections such as filtering or blocking suspicious TLS ClientHello packets with malformed supported versions extensions may help reduce exposure until the update is applied. [1]

Useful 0 Not Useful 0