CVE-2025-55094 – This vulnerability in NetX Duo's ICMPv6 packet ... (How to Fix)

Q: What is the severity of CVE-2025-55094?

CVE-2025-55094 has a CVSS score of 7.5 (HIGH). This vulnerability in NetX Duo's ICMPv6 packet processing allows attackers to read memory beyond intended boundaries when handling specially crafted ICMP6 options. It affects all systems using NetX Duo networking module for Eclipse ThreadX before version 6.4.4. Successful exploitation could lead to information disclosure or system crashes.

📋 TL;DR

This vulnerability in NetX Duo's ICMPv6 packet processing allows attackers to read memory beyond intended boundaries when handling specially crafted ICMP6 options. It affects all systems using NetX Duo networking module for Eclipse ThreadX before version 6.4.4. Successful exploitation could lead to information disclosure or system crashes.

💻 Affected Systems

Products:

NetX Duo (Eclipse ThreadX networking module)

Versions: All versions before 6.4.4

Operating Systems: Any OS using NetX Duo (commonly embedded/RTOS systems)

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems with IPv6 and ICMPv6 enabled. Embedded/IoT devices using ThreadX with NetX Duo are primary targets.

📦 What is this software?

Threadx Netx Duo by Eclipse

View all CVEs affecting Threadx Netx Duo →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise if combined with other vulnerabilities, or denial of service causing system crashes.

🟠

Likely Case

Information disclosure through memory leaks or denial of service through system crashes.

🟢

If Mitigated

Limited impact with proper network segmentation and firewall rules blocking ICMPv6 traffic.

🌐 Internet-Facing: HIGH - Systems exposed to network traffic can be targeted remotely via ICMPv6 packets.

🏢 Internal Only: MEDIUM - Internal attackers could exploit this if they have network access to vulnerable systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires sending specially crafted ICMPv6 packets to vulnerable systems. No authentication needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.4.4

Vendor Advisory: https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-rf32-h832-hg8r

Restart Required: Yes

Instructions:

1. Download NetX Duo version 6.4.4 or later from official sources. 2. Replace existing NetX Duo files with patched version. 3. Recompile and rebuild your application. 4. Deploy updated firmware/software to affected devices. 5. Restart systems to apply changes.

🔧 Temporary Workarounds

Disable IPv6/ICMPv6

all

Disable IPv6 functionality or block ICMPv6 traffic if not required for system operation.

System-specific configuration to disable IPv6 or firewall rules to block ICMPv6 (type 134-137)

Network Segmentation

all

Isolate vulnerable systems from untrusted networks using firewalls or VLANs.

Configure firewall rules to restrict ICMPv6 traffic to trusted sources only

🧯 If You Can't Patch

Implement strict network access controls to limit ICMPv6 traffic to vulnerable systems
Monitor network traffic for anomalous ICMPv6 packets and implement intrusion detection

🔍 How to Verify

Check if Vulnerable:

Check NetX Duo version in your source code or compiled binaries. Versions before 6.4.4 are vulnerable.

Check Version:

Check NX_DUO_VERSION define in nx_api.h or equivalent version identifier in your source code

Verify Fix Applied:

Verify NetX Duo version is 6.4.4 or later in your application build configuration and deployed systems.

📡 Detection & Monitoring

Log Indicators:

System crashes or reboots
Memory access violation logs
ICMPv6 error messages

Network Indicators:

Unusual ICMPv6 traffic patterns
ICMPv6 packets with malformed options

SIEM Query:

ICMPv6 traffic with type 134-137 AND (payload_size > normal OR malformed_options)

📊 Metadata

CVE ID: CVE-2025-55094

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-125

EPSS Score: 0.05% exploit probability (15th percentile)

Published: October 17, 2025

Last Updated: October 24, 2025

🔗 References

https://github.com/eclipse-threadx/netxduo/security/advisories/GHSA-rf32-h832-hg8r Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-55094, you might also want to check these: