PT-2025-42439 · Eclipse Foundation · Thread+1

Justin Stauffer · Published 2025-10-16 · Updated 2025-10-21 · CVE-2025-55091

CVSS v4.0: 6.9 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions

NetX Duo versions prior to 6.4.4

Description

The networking support module for Eclipse Foundation ThreadX contains a potential out-of-bounds read issue. This issue occurs in the _nx_ip_packet_receive() function when processing an Ethernet frame with the IP type set but lacking IP data.

Recommendations

Update to version 6.4.4 or later.
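
A length-checked receive path for the case in the description, added here as an illustration and not taken from NetX Duo or its 6.4.4 fix; classify_frame and its constants are hypothetical names. It goes slightly beyond the advisory by also rejecting IPv4/IPv6 headers that are longer than the received data.

```c
#include <stddef.h>
#include <stdint.h>

#define ETH_HDR_LEN   14u      /* dst MAC + src MAC + EtherType */
#define ETHERTYPE_IP4 0x0800u
#define ETHERTYPE_IP6 0x86DDu
#define IP4_MIN_HDR   20u
#define IP6_HDR       40u

enum rx_verdict { RX_DROP = 0, RX_IPV4 = 4, RX_IPV6 = 6 };

/* Hypothetical receive-path classifier (not NetX Duo code).
 * Every read is preceded by a check against the received length,
 * so a frame that claims to be IP but carries no IP bytes is dropped. */
enum rx_verdict classify_frame(const uint8_t *frame, size_t len)
{
    if (frame == NULL || len < ETH_HDR_LEN)
        return RX_DROP;                      /* truncated Ethernet header */

    uint16_t ethertype = (uint16_t)((frame[12] << 8) | frame[13]);
    if (ethertype != ETHERTYPE_IP4 && ethertype != ETHERTYPE_IP6)
        return RX_DROP;                      /* not IP: out of scope here */

    size_t ip_len = len - ETH_HDR_LEN;
    if (ip_len == 0)
        return RX_DROP;                      /* IP type set, no IP data */

    const uint8_t *ip = frame + ETH_HDR_LEN;
    uint8_t version = ip[0] >> 4;            /* safe: ip_len >= 1 */

    if (version == 4 && ethertype == ETHERTYPE_IP4) {
        size_t ihl = (size_t)(ip[0] & 0x0Fu) * 4u;
        if (ihl < IP4_MIN_HDR || ip_len < ihl)
            return RX_DROP;                  /* header longer than data */
        return RX_IPV4;
    }
    if (version == 6 && ethertype == ETHERTYPE_IP6)
        return (ip_len >= IP6_HDR) ? RX_IPV6 : RX_DROP;

    return RX_DROP;                          /* version/EtherType mismatch */
}

/* Constructed sample: 14-byte frame, EtherType 0x0800, zero IP bytes. */
int main(void)
{
    uint8_t bare[ETH_HDR_LEN] = {0};
    bare[12] = 0x08;
    return classify_frame(bare, sizeof bare) == RX_DROP ? 0 : 1;
}
```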

Fix

Buffer Over-read

Out of bounds Read

Weakness Enumeration

Related Identifiers

CVE-2025-55091
GHSA-PF5Q-R6Q5-6J2F

Affected Products

Netx Duo
Thread