Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.

Basic Information

ID CVE-2025-55083

Source eclipse

Published Oct 15, 2025 at 14:11

Affected Product

Vendor Eclipse Foundation

Product NetX Duo

Affected Versions Eclipse Foundation NetX Duo 0

CWE Classification

CWE-126

References

github.com /eclipse-threadx/netxduo/security/advisories/GHSA-9hw5-4xcv-jprm

{
    "lastseen": "",
    "description": "In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.",
    "published": "2025-10-15T14:11:23.044Z",
    "modified": "2025-10-15T14:11:23.044Z",
    "type": "cve",
    "title": "Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()",
    "source": "eclipse",
    "references": "https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-9hw5-4xcv-jprm",
    "id": "CVE-2025-55083",
    "bulletinFamily": "",
    "cwe": [
        "CWE-126"
    ],
    "cvelist": null,
    "sourceData": "Eclipse Foundation NetX Duo 0",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NetX Duo",
    "version": "0",
    "vendor": "Eclipse Foundation",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Broken bounds check in Broken bounds check in _nx_secure_tls_process_clienthello_psk_extension()_CVE-2025-55083