CVE-2025-55090
BaseFortify
Publication date: 2025-10-16
Last updated on: 2025-10-21
Assigner: Eclipse Foundation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eclipse | threadx_netx_duo | to 6.4.4.202503 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-55090 is a vulnerability in NetX Duo (Eclipse ThreadX) versions before 6.4.4, specifically in the _nx_ipv4_packet_receive() function. This function reads the first 4 bytes of an IPv4 packet header without verifying that these bytes are within the valid bounds of the packet data. If an attacker sends an Ethernet frame with less than 4 bytes of IP data, it can cause an out-of-bounds read, potentially leading to a crash or information leak by reading memory outside the intended buffer. [1]
How can this vulnerability impact me? :
This vulnerability can be exploited remotely without any privileges or user interaction. It may cause the affected system to crash or leak information due to out-of-bounds memory reads. The impact is limited to low confidentiality loss, with no impact on integrity or availability. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes or abnormal behavior in NetX Duo versions prior to 6.4.4 when processing IPv4 packets. Since the issue occurs when receiving Ethernet frames with less than 4 bytes of IP packet data, network packet capture tools like tcpdump or Wireshark can be used to identify suspicious small IPv4 packets. For example, using tcpdump to filter IPv4 packets with very small payloads could help detect potential exploit attempts: tcpdump -i <interface> 'ip and less 42' (assuming minimum IPv4 header size plus Ethernet frame). Additionally, monitoring system logs for crashes or memory access violations related to _nx_ipv4_packet_receive() may help detect exploitation attempts. However, no specific detection commands are provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade NetX Duo to version 6.4.4 or later, where the vulnerability in _nx_ipv4_packet_receive() has been patched. This update includes proper bounds checking to prevent out-of-bounds reads. Until the update can be applied, consider implementing network-level protections such as filtering or blocking suspicious Ethernet frames with abnormally small IPv4 packet sizes to reduce exposure. No other specific mitigations are detailed in the provided resources. [1]