Denial-of-Service Vulnerability in Eclipse ThreadX NetX Duo IPv6 Component
CVE-2025-55102

8.7HIGH

Key Information:

Vendor: Eclipse Foundation
Status: Eclipse Threadx - Netx Duo
Vendor: CVE Published:; 27 January 2026

🔔 Create Eclipse Foundation Vulnerability Alert

What is CVE-2025-55102?

A denial-of-service vulnerability has been identified in the IPv6 functionality of Eclipse ThreadX NetX Duo. This issue arises when a specially crafted network packet, labeled as 'Packet Too Big,' is sent, including over 15 distinct source addresses. By exploiting this vulnerability, an attacker can send a malformed packet that may disrupt service, potentially leading to outages and critical downtime for affected systems. Organizations utilizing Eclipse ThreadX NetX Duo should implement appropriate measures to safeguard against such attacks.

Affected Version(s)

Eclipse ThreadX - NetX Duo 0 <= 6.4.3

References

https://github.com/eclipse-threadx/netxduo/security/advis...

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 27, 2026
Vulnerability Reserved
Aug 6, 2025

Credit

Haja Mohideen M

CVE-2025-55102 Data

JSON