anonhaven
Ad

CVE-2025-55102

HIGH CVSS 4.0: 8.7 EPSS 0.03%
Updated Apr 02, 2026
Eclipse
Parameter Value
CVSS 8.7 (HIGH)
Affected Versions before 6.4.5.202504
Fixed In 6.4.5.202504
Type CWE-400 (Uncontrolled Resource Consumption), CWE-404 (Improper Resource Shutdown or Release), CWE-770 (Allocation Without Limits)
Vendor Eclipse
Public PoC No

A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-400 Uncontrolled Resource Consumption
CWE-404 Improper Resource Shutdown or Release
CWE-770 Allocation Without Limits

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Eclipse Threadx_Netx_Duo
cpe:2.3:a:eclipse:threadx_netx_duo:*:*:*:*:*:*:*:*
 6.4.5.202504

References 1

https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-f3rx-xrwm-q…
emo@eclipse.org
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-1605

Eclipse

7.5

CVE-2025-11143

Eclipse

6.5

CVE-2026-22886

Elipse

9.8

CVE-2026-0648

Eclipse

6.3

CVE-2025-55095

Eclipse

7.0