CVE-2025-55083

In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
eclipseCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
eclipsethreadx_netx_duo
𝑥
< 6.4.4.202503
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-9hw5-4xcv-jprm