NetX Duo
Source repositories
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-55102 | Hig | 0.49 | 7.5 | 0.00 | Jan 27, 2026 | A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||
| CVE-2025-55094 | 0.00 | — | 0.00 | Oct 17, 2025 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options. | |||
| CVE-2025-55093 | 0.00 | — | 0.00 | Oct 17, 2025 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory. | |||
| CVE-2025-55092 | 0.00 | — | 0.00 | Oct 17, 2025 | In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option. | |||
| CVE-2025-55091 | 0.00 | — | 0.00 | Oct 16, 2025 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data. | |||
| CVE-2025-55090 | 0.00 | — | 0.00 | Oct 16, 2025 | In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet. | |||
| CVE-2025-55084 | 0.00 | — | 0.00 | Oct 16, 2025 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field. | |||
| CVE-2025-55083 | 0.00 | — | 0.00 | Oct 15, 2025 | In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. |
- risk 0.49cvss 7.5epss 0.00
A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.
- CVE-2025-55094Oct 17, 2025risk 0.00cvss —epss 0.00
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options.
- CVE-2025-55093Oct 17, 2025risk 0.00cvss —epss 0.00
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory.
- CVE-2025-55092Oct 17, 2025risk 0.00cvss —epss 0.00
In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option.
- CVE-2025-55091Oct 16, 2025risk 0.00cvss —epss 0.00
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data.
- CVE-2025-55090Oct 16, 2025risk 0.00cvss —epss 0.00
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet.
- CVE-2025-55084Oct 16, 2025risk 0.00cvss —epss 0.00
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.
- CVE-2025-55083Oct 15, 2025risk 0.00cvss —epss 0.00
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.