CVE 10 CRITICAL

CVE-2025-67109_CVE-2025-67109

December 23, 2025 invoker category_cve

10 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Description

Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.

AI Analysis

Improper verification of the time certificate allows attackers to bypass certificate checks and execute commands with System privileges.

Basic Information

ID CVE-2025-67109

Source mitre

Published Dec 23, 2025 at 00:00

Modified Dec 23, 2025 at 15:52

Affected Product

Vendor Eclipse Foundation

Product Eclipse Cyclone DDS

Version v0.10.5

Affected Versions n/a n/a n/a

CWE Classification

CWE-298

AI Assessment

AI Score 10 / 10

AI Severity Critical

Vendor Eclipse Foundation

Product Eclipse Cyclone DDS

Version v0.10.5

References

{
    "lastseen": "",
    "description": "Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.",
    "published": "2025-12-23T00:00:00.000Z",
    "modified": "2025-12-23T15:52:46.429Z",
    "type": "cve",
    "title": "CVE-2025-67109",
    "source": "mitre",
    "references": "http://eclipse.com\nhttps://github.com/eclipse-cyclonedds/cyclonedds/blob/master/src/ddsrt/src/time/posix/time.c#L28\nhttps://github.com/eclipse-cyclonedds/cyclonedds/blob/master/src/security/builtin_plugins/authentication/src/auth_utils.c#L84\nhttps://gist.github.com/lkloliver/669e15bc7e6194133e4ee1026ce157e6",
    "id": "CVE-2025-67109",
    "bulletinFamily": "",
    "cwe": [
        "CWE-298"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 10,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Eclipse Cyclone DDS",
    "version": "v0.10.5",
    "vendor": "Eclipse Foundation",
    "ai_description": "Improper verification of the time certificate allows attackers to bypass certificate checks and execute commands with System privileges.",
    "ai_severity": "Critical",
    "ai_vendor": "Eclipse Foundation",
    "ai_product": "Eclipse Cyclone DDS",
    "ai_version": "v0.10.5",
    "ai_score": 10
}

💭 Join the Security Discussion ❌ Cancel Reply