CVE-2025-55092
BaseFortify
Publication date: 2025-10-17
Last updated on: 2025-10-24
Assigner: Eclipse Foundation
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eclipse | threadx_netx_duo | up to 6.4.4.202503 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-126 | The product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. |
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential out-of-bounds read in the _nx_ipv4_option_process() function of the Eclipse Foundation NetX Duo networking support module for Eclipse Foundation ThreadX. It occurs when processing an IPv4 packet that contains the timestamp option, potentially leading to reading memory outside the intended bounds.
How can this vulnerability impact me?
The vulnerability could lead to unauthorized reading of memory, which may expose sensitive information or cause unexpected behavior in the affected system. This can compromise system stability or security, depending on how the out-of-bounds read is exploited.