SB2025102048 - Multiple vulnerabilities in NetX Duo
Published: October 20, 2025 Updated: October 21, 2025
Description
This security bulletin contains information about 12 security vulnerabilities.
1) Out-of-bounds read (CVE-ID: CVE-2025-55085)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary condition when parsing HTTP headers. A remote attacker can trigger an out-of-bounds read error and cause undefined behavior or perform a denial of service (DoS) attack.
2) Out-of-bounds read (CVE-ID: CVE-2025-55082)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_secure_tls_psk_identity_find()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
3) Out-of-bounds read (CVE-ID: CVE-2025-55081)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_secure_tls_process_clienthello()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
4) Out-of-bounds read (CVE-ID: CVE-2025-55083)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_secure_tls_process_clienthello_psk_extension()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
5) Out-of-bounds read (CVE-ID: CVE-2025-55084)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_secure_tls_proc_clienthello_supported_versions_extension()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
6) Out-of-bounds read (CVE-ID: CVE-2025-55090)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_ipv4_packet_receive()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
7) Out-of-bounds read (CVE-ID: CVE-2025-55091)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_ip_packet_receive()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
8) Out-of-bounds read (CVE-ID: CVE-2025-55094)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_icmpv6_validate_options()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
9) Out-of-bounds read (CVE-ID: CVE-2025-55093)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary condition in the "_nx_ipv4_packet_receive()" function when handling unicast DHCP messages. A remote attacker can trigger an out-of-bounds read error and cause corruption of 4 bytes of memory.
10) Out-of-bounds read (CVE-ID: CVE-2025-55092)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in the "_nx_ipv4_option_process()" function. A remote attacker can trigger an out-of-bounds read error and read contents of memory on the system.
11) Out-of-bounds read (CVE-ID: CVE-2025-55087)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary condition when processing security parameters in an SNMPv3 request. A remote attacker can trigger an out-of-bounds read error and cause undefined behavior or perform a denial of service (DoS) attack.
12) Out-of-bounds read (CVE-ID: CVE-2025-55086)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary condition in the DHCPv6 client when extracting the server DUID from the server reply. A remote attacker can trigger an out-of-bounds read error to cause system instability and perform a denial of service (DoS) attack.
Remediation
Install the update from the vendor's website.
References
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-9c77-rgp9-c2g2
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-8h38-qjhh-mf2h
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-5vrv-8j5h-h6h6
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-9hw5-4xcv-jprm
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-m474-39rw-v8gm
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-cf2g-j6vv-m8c5
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-pf5q-r6q5-6j2f
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-rf32-h832-hg8r
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-c9pq-93jp-w649
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-vwh7-h99r-fvwq
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-v474-mv4g-v8cx
- https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-99pw-cp79-2j5j