Shodan
Vulnerabilities
Vulnerable Software
Eclipse:  Security Vulnerabilities
CVE-2025-55086
In NetXDuo version before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPV6 client there was an unchecked index extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of memory read.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-10-20
CVE-2025-55085
In NextX Duo before 6.4.4, in the HTTP client module, the network support code for Eclipse Foundation ThreadX, the parsing of HTTP header fields was missing bounds verification. A crafted server response could cause undefined behavior.
CVSS Score
7.5
EPSS Score
0.002
Published
2025-10-17
CVE-2025-55099
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_alternate_setting_locate() when parsing a descriptor with attacker-controlled frequency fields.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-17
CVE-2025-55100
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio10_sam_parse_func() when parsing a list of sampling frequencies.
CVSS Score
9.1
EPSS Score
0.001
Published
2025-10-17
CVE-2025-55094
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-10-17
CVE-2025-55096
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_hid_report_descriptor_get()  when parsing a descriptor of an USB HID device.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-17
CVE-2025-55097
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_streaming_sampling_get() when parsing a descriptor of an USB streaming device.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-17
CVE-2025-55098
In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_device_type_get() when parsing a descriptor of an USB audio device.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-10-17
CVE-2025-55087
In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-10-17
CVE-2025-55092
In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved