Denial of Service Vulnerability in Eclipse ThreadX Software
CVE-2025-55078

5.7MEDIUM

Key Information:

Vendor: Eclipse Foundation
Status: Threadx
Vendor: CVE Published:; 14 October 2025

🔔 Create Eclipse Foundation Vulnerability Alert

What is CVE-2025-55078?

In Eclipse ThreadX versions before 6.4.3, an attacker can exploit a flaw that allows for denial of service attacks. This vulnerability arises when an attacker provides a pointer that references either a reserved or unmapped memory region. While vulnerable system calls implemented checks on pointers, these checks inadequately verified whether the pointers were located outside the allocated memory module, allowing attackers to potentially crash the system and compromise its availability.

Affected Version(s)

ThreadX 0 <= 6.4.2

References

https://github.com/eclipse-threadx/threadx/security/advis...

vendor-advisory

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 14, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

x-codingman (Saxon Mark)

JSON