Unrated severityNVD Advisory· Published Oct 20, 2025· Updated Oct 20, 2025

CVE-2025-55086

Description

In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of memory read.

Affected products

Azure/Netxduollm-fuzzy
Range: <6.4.4
Eclipse Foundation/NextX Duov5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/eclipse-threadx/netxduo/security/advisories/GHSA-99pw-cp79-2j5jmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000