CVE-2025-24807

Name of the Vulnerable Software and Affected Versions: eprosima Fast DDS versions prior to 2.6.10 eprosima Fast DDS versions prior to 2.10.7 eprosima Fast DDS versions prior to 2.14.5 eprosima Fast DDS versions prior to 3.0.2 eprosima Fast DDS versions prior to 3.1.2 eprosima Fast DDS versions prior to 3.2.0

Description: The issue is related to the validation of PermissionsCA in eprosima Fast DDS. Prior to the specified versions, the PermissionsCA is not fully chain validated, and the expiration date is not validated. The access control plugin only validates the S/MIME signature, which allows an expired PermissionsCA to be considered valid. This can lead to the system crashing when a non-self-signed PermissionsCA with a full chain is used. The impact of this issue is low.

Recommendations: For versions prior to 2.6.10, update to version 2.6.10 or later. For versions prior to 2.10.7, update to version 2.10.7 or later. For versions prior to 2.14.5, update to version 2.14.5 or later. For versions prior to 3.0.2, update to version 3.0.2 or later. For versions prior to 3.1.2, update to version 3.1.2 or later. For versions prior to 3.2.0, update to version 3.2.0 or later.