CVE-2025-55089
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-16

Last updated on: 2025-10-16

Assigner: Eclipse Foundation

Description
In FileX before 6.4.2, the file support module for Eclipse Foundation ThreadX, there was a possible buffer overflow in the FileX RAM disk driver. It could cause a remote execurtion after receiving a crafted sequence of packets
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-16
Last Modified
2025-10-16
Generated
2026-06-16
AI Q&A
2025-10-16
EPSS Evaluated
2026-06-15
NVD
CVE-2025-55089
EUVD
EUVD-2025-34715
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
eclipse threadx *
eclipse threadx_filex *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-119 The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-55089 is a critical buffer overflow vulnerability in the FileX RAM disk driver component of Eclipse ThreadX FileX before version 6.4.2. The issue occurs because the driver does not properly validate that the total sectors multiplied by sector size fits within the allocated RAM disk memory buffer. When processing certain network requests, such as a PUT request via the NetXDuo HTTP server, the driver copies data to a calculated memory location without bounds checking, which can overflow the buffer and overwrite adjacent memory. This can lead to remote code execution without requiring privileges or user interaction. [1]

Impact Analysis

This vulnerability can allow an attacker to remotely execute arbitrary code on a system running a vulnerable version of FileX with the RAM disk driver configured unsafely. Because the attack requires no privileges or user interaction and can be performed over the network, it poses a critical risk to system confidentiality, integrity, and availability. Exploitation can cause crashes or allow full system compromise. [1]

Detection Guidance

This vulnerability can be detected by monitoring for crashes or segmentation faults (e.g., SIGSEGV at address 0x41414141) in systems running vulnerable versions of FileX before 6.4.2, especially when using the RAM disk driver. Detection can also involve analyzing network traffic for suspicious PUT requests to the NetXDuo HTTP server that might trigger the buffer overflow. Specific commands are not provided in the resources, but monitoring system logs for crashes and using network packet capture tools (e.g., tcpdump or Wireshark) to inspect PUT requests targeting the RAM disk driver could help identify exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include upgrading FileX to version 6.4.2 or later, where the vulnerability is patched. Additionally, ensure that the product configuration enforces the condition that (total sectors * sector size) is less than the size of the RAM disk memory buffer during fx_media_format initialization to prevent buffer overflows. Avoid using unsafe sample configurations that initialize the RAM disk driver with incorrect parameters. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55089. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart