CVE-2025-55084

Summary

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.

Affected Software

VendorProductVersion RangeStatus
Eclipse FoundationNetX Duo0 < 6.4.4affected

Weaknesses

  • CWE-126: CWE-126: Buffer Over-read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References