PT-2025-42316 · Eclipse Foundation · Thread+1
Justin Stauffer
·
Published
2025-10-15
·
Updated
2025-10-21
·
CVE-2025-55082
CVSS v4.0
6.9
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
NetX Duo versions prior to 6.4.4
Description
An out-of-bounds read issue exists in the Eclipse Foundation ThreadX component of NetX Duo, specifically within the
nx secure tls process clienthello() function. This is due to a missing validation of the Pre-Shared Key (PSK) length provided in user messages.Recommendations
Update to NetX Duo version 6.4.4 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netx Duo
Thread