CVE-2025-55095
📋 TL;DR
This vulnerability allows a malicious USB storage device to cause a stack overflow by exploiting unlimited recursion in partition table parsing. Systems using the affected USBX library for USB mass storage functionality are vulnerable when mounting malicious devices. This affects embedded systems and devices that use this USB stack implementation.
💻 Affected Systems
- USBX (ThreadX USB stack)
- Products using USBX library
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system crash or denial of service through stack overflow, potentially leading to device reboot or instability.
Likely Case
System crash or hang when mounting a malicious USB storage device, requiring manual intervention to recover.
If Mitigated
Limited impact with proper input validation and recursion limits in place.
🎯 Exploit Status
Exploitation requires physical USB device access or USB over network capability. No authentication needed to trigger the vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check GitHub advisory for specific patched version
Vendor Advisory: https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-qfmp-wch9-rpv2
Restart Required: Yes
Instructions:
1. Update the USBX library to the patched version.
2. Recompile and redeploy the affected firmware/software.
3. Restart systems using the updated library.
🔧 Temporary Workarounds
Disable USB mass storage mounting
Prevent mounting of USB mass storage devices if not required
Physical USB port restrictions
Implement physical security controls to restrict USB device access
🧯 If You Can't Patch
- Implement strict physical security controls for USB ports
- Use USB device whitelisting or blocking solutions if available
🔍 How to Verify
Check if Vulnerable:
Check whether the system uses the USBX library and which version. Review the source code for recursive _ux_host_class_storage_media_mount() calls that have no depth limit.
Check Version:
Check the build configuration or firmware version information for the USBX library version.
Verify Fix Applied:
Verify that the USBX library version in use includes a recursion depth limit in the partition parsing functions.
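The verification step above asks for a depth limit in partition parsing. The following is an added illustration of that class of check, written for this page and not taken from USBX: a toy MBR parser that follows the extended-partition (EBR) chain recursively, which is exactly the shape of walk where a device can present a chain that points back at itself. The on-disk layout used (entry offset 446, 16-byte entries, type 0x05/0x0F for extended, next-EBR pointer relative to the container base) is standard MBR; the MAX_CHAIN_DEPTH value, the PARSE_* codes and the two constructed sample images are assumptions made for the example.

```c
/* Added example: bounded recursion over an MBR/EBR chain (not USBX code). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SECTOR_SIZE 512
#define PART_TABLE_OFFSET 446
#define PART_ENTRY_SIZE 16
#define MAX_CHAIN_DEPTH 16   /* assumed bound for this example */

enum { PARSE_OK = 0, PARSE_BAD_SECTOR = -1, PARSE_OUT_OF_RANGE = -2, PARSE_TOO_DEEP = -3 };

static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void wr32le(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}
static int is_extended(uint8_t type) { return type == 0x05 || type == 0x0F; }

/* Follow the EBR chain starting at `lba`. EBR "next" pointers are relative to
 * `ext_base`, the container's first sector. Without the depth check, a chain
 * whose link points back at an earlier EBR would recurse until the stack
 * overflows; with it, the parse fails with PARSE_TOO_DEEP instead. */
static int walk_chain(const uint8_t *disk, size_t nsectors, uint32_t lba,
                      uint32_t ext_base, int depth, int *found) {
    if (depth > MAX_CHAIN_DEPTH) return PARSE_TOO_DEEP;
    if (lba >= nsectors) return PARSE_OUT_OF_RANGE;       /* pointer past the device */
    const uint8_t *sec = disk + (size_t)lba * SECTOR_SIZE;
    if (sec[510] != 0x55 || sec[511] != 0xAA) return PARSE_BAD_SECTOR;

    const uint8_t *e0 = sec + PART_TABLE_OFFSET;          /* logical partition */
    const uint8_t *e1 = e0 + PART_ENTRY_SIZE;             /* link to next EBR */
    if (e0[4] != 0) (*found)++;
    if (!is_extended(e1[4])) return PARSE_OK;
    return walk_chain(disk, nsectors, ext_base + rd32le(e1 + 8), ext_base, depth + 1, found);
}

/* Parse the MBR in sector 0 and walk any extended container.
 * Returns a PARSE_* code; *found receives the number of partitions seen. */
int parse_mbr(const uint8_t *disk, size_t nsectors, int *found) {
    *found = 0;
    if (nsectors == 0) return PARSE_OUT_OF_RANGE;
    if (disk[510] != 0x55 || disk[511] != 0xAA) return PARSE_BAD_SECTOR;
    for (int i = 0; i < 4; i++) {
        const uint8_t *e = disk + PART_TABLE_OFFSET + i * PART_ENTRY_SIZE;
        if (e[4] == 0) continue;
        if (is_extended(e[4])) {
            uint32_t base = rd32le(e + 8);
            int rc = walk_chain(disk, nsectors, base, base, 1, found);
            if (rc != PARSE_OK) return rc;
        } else {
            (*found)++;
        }
    }
    return PARSE_OK;
}

/* Helper for constructing sample images: write one partition entry and the
 * 0x55AA signature into the given sector. */
static void put_entry(uint8_t *sec, int idx, uint8_t type, uint32_t lba_rel, uint32_t len) {
    uint8_t *e = sec + PART_TABLE_OFFSET + idx * PART_ENTRY_SIZE;
    e[4] = type;
    wr32le(e + 8, lba_rel);
    wr32le(e + 12, len);
    sec[510] = 0x55; sec[511] = 0xAA;
}

/* Constructed sample: one primary partition plus an extended container at
 * LBA 2 holding two logical partitions (EBRs at LBA 2 and LBA 4).
 * Returns the partition count on success, otherwise the PARSE_* code. */
int demo_well_formed(void) {
    static uint8_t disk[8 * SECTOR_SIZE];
    memset(disk, 0, sizeof disk);
    put_entry(disk, 0, 0x83, 1, 1);                    /* primary at LBA 1 */
    put_entry(disk, 1, 0x05, 2, 6);                    /* extended container at LBA 2 */
    put_entry(disk + 2 * SECTOR_SIZE, 0, 0x83, 1, 1);  /* logical #1 */
    put_entry(disk + 2 * SECTOR_SIZE, 1, 0x05, 2, 2);  /* next EBR at base + 2 = LBA 4 */
    put_entry(disk + 4 * SECTOR_SIZE, 0, 0x83, 1, 1);  /* logical #2, end of chain */
    int found = 0;
    int rc = parse_mbr(disk, 8, &found);
    return rc == PARSE_OK ? found : rc;
}

/* Constructed sample: the EBR at LBA 2 links to itself (relative offset 0),
 * the shape of input an unbounded recursive walk cannot survive. */
int demo_self_loop(void) {
    static uint8_t disk[8 * SECTOR_SIZE];
    memset(disk, 0, sizeof disk);
    put_entry(disk, 0, 0x05, 2, 6);
    put_entry(disk + 2 * SECTOR_SIZE, 0, 0x83, 1, 1);
    put_entry(disk + 2 * SECTOR_SIZE, 1, 0x05, 0, 6);  /* next = base + 0 = this EBR */
    int found = 0;
    return parse_mbr(disk, 8, &found);                 /* PARSE_TOO_DEEP */
}

int main(void) {
    printf("well-formed chain: %d partitions\n", demo_well_formed());
    printf("self-referencing chain: rc=%d (PARSE_TOO_DEEP=%d)\n", demo_self_loop(), PARSE_TOO_DEEP);
    return 0;
}
```

The point to carry over when reviewing a real parser is the first line of walk_chain: the recursion depth is an explicit parameter that is checked before any sector is read, and the bound (together with the out-of-range check) is what turns hostile media into a parse error rather than a crash.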
📡 Detection & Monitoring
Log Indicators:
- System crashes or reboots after USB device insertion
- Stack overflow errors in system logs
- USB mount failures
Network Indicators:
- USB over network traffic with unusual partition structures
SIEM Query:
Search for: (event_type="system_crash" OR "stack_overflow") AND (process_name contains "usb" OR "storage")