CVE-2025-55097

6.1 MEDIUM

📋 TL;DR

This vulnerability allows an attacker to read memory beyond the intended buffer boundaries when parsing USB audio streaming device descriptors. It affects systems using USBX versions before 6.4.3 in Eclipse ThreadX environments, potentially exposing sensitive data or causing system instability.

💻 Affected Systems

Products:
  • USBX (Eclipse ThreadX USB stack)
Versions: All versions before 6.4.3
Operating Systems: Any OS using Eclipse ThreadX with USBX
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using USBX with audio streaming device support enabled.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure of sensitive memory contents, potential system crash leading to denial of service, or privilege escalation if combined with other vulnerabilities.

🟠 Likely Case

System instability or crash when connecting malicious USB audio devices, potentially causing denial of service in affected systems.

🟢 If Mitigated

Limited impact with proper input validation and memory protection mechanisms in place.

🌐 Internet-Facing: LOW - Requires physical USB device connection or USB-over-IP access.
🏢 Internal Only: MEDIUM - Internal users with USB port access could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires physical USB device connection or USB-over-IP capability. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.4.3

Vendor Advisory: https://github.com/eclipse-threadx/usbx/security/advisories/GHSA-r6h5-fmhc-v3j7

Restart Required: No

Instructions:

1. Update USBX to version 6.4.3 or later.
2. Rebuild and redeploy affected ThreadX applications.
3. Verify the _ux_host_class_audio_streaming_sampling_get() function includes proper bounds checking.

🔧 Temporary Workarounds

Disable USB audio streaming support

all

Disable USB audio class support in USBX configuration to prevent parsing of vulnerable descriptors.

# In ux_user.h or build configuration, set:
#define UX_HOST_CLASS_AUDIO_ENABLE 0

🧯 If You Can't Patch

  • Implement USB device whitelisting to allow only trusted USB devices
  • Disable USB ports on affected systems when not required

🔍 How to Verify

Check if Vulnerable:

Check the USBX version in the source tree or build configuration. If the version is below 6.4.3 and audio streaming support is enabled, the system is vulnerable.

Check Version:

# Check USBX version in source:
grep -r "UX_VERSION" usbx/ | grep -i version

Verify Fix Applied:

Verify that the USBX version is 6.4.3 or later and that bounds checking is implemented in the _ux_host_class_audio_streaming_sampling_get() function.
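What "proper bounds checking" means for this class of bug, shown as an added example that is not USBX's own code: a stand-alone C parser for a USB Audio Class 1.0 Type I format descriptor (the record that carries the sampling frequencies) which validates bLength and bSamFreqType against the bytes actually present before reading any field. Field offsets follow the UAC 1.0 specification; the sample descriptor buffers are constructed here, and the 8-entry frequency cap is an assumption of this example rather than a USBX limit.

```c
/* Added example, not USBX source: bounds-checked walk over a USB descriptor
 * chain looking for the UAC 1.0 FORMAT_TYPE descriptor. Every read is preceded
 * by a check that the bytes exist inside [buf, buf + len). */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define USB_DT_CS_INTERFACE   0x24  /* class-specific interface descriptor */
#define UAC_AS_FORMAT_TYPE    0x02  /* AS interface subtype FORMAT_TYPE (UAC 1.0) */
#define MAX_FREQS             8     /* assumption of this example, not a USBX value */

typedef struct {
    uint8_t  channels;
    uint8_t  freq_count;          /* bSamFreqType: 0 = continuous range, N = discrete list */
    uint32_t freqs[MAX_FREQS];    /* 24-bit little-endian tSamFreq entries, widened */
} audio_sampling_t;

/* Returns 0 on success, -1 if the descriptors are malformed or not found. */
int parse_audio_sampling(const uint8_t *buf, size_t len, audio_sampling_t *out)
{
    size_t off = 0;
    memset(out, 0, sizeof(*out));
    while (off < len) {
        if (len - off < 2) return -1;           /* need bLength and bDescriptorType */
        uint8_t blen = buf[off];
        uint8_t type = buf[off + 1];
        /* bLength 0 would loop forever; bLength past the buffer end would overrun. */
        if (blen < 2 || blen > len - off) return -1;
        if (type == USB_DT_CS_INTERFACE && blen >= 3 && buf[off + 2] == UAC_AS_FORMAT_TYPE) {
            /* Type I layout: bLength, bDescriptorType, bDescriptorSubtype, bFormatType,
             * bNrChannels, bSubframeSize, bBitResolution, bSamFreqType, tSamFreq[] */
            if (blen < 8) return -1;
            uint8_t nfreq = buf[off + 7];
            size_t entries = (nfreq == 0) ? 2 : nfreq;   /* continuous = lower + upper */
            /* An unchecked parser trusts bSamFreqType alone and reads 3*entries bytes;
             * here the declared count must fit inside the descriptor's own bLength. */
            if ((size_t)blen < 8 + 3 * entries) return -1;
            if (entries > MAX_FREQS) return -1;
            out->channels   = buf[off + 4];
            out->freq_count = nfreq;
            for (size_t i = 0; i < entries; i++) {
                const uint8_t *p = &buf[off + 8 + 3 * i];
                out->freqs[i] = (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16);
            }
            return 0;
        }
        off += blen;
    }
    return -1;  /* no FORMAT_TYPE descriptor present */
}

/* Constructed sample: AS_GENERAL (7 bytes) followed by a well-formed Type I
 * descriptor listing two discrete rates, 44100 Hz (0x00AC44) and 48000 Hz (0x00BB80). */
static const uint8_t k_good[] = {
    0x07, 0x24, 0x01, 0x01, 0x01, 0x01, 0x00,
    0x0E, 0x24, 0x02, 0x01, 0x02, 0x02, 0x10, 0x02, 0x44, 0xAC, 0x00, 0x80, 0xBB, 0x00
};
/* Constructed: bSamFreqType claims 5 rates but bLength (8) leaves no room for them. */
static const uint8_t k_overclaim[] = {
    0x07, 0x24, 0x01, 0x01, 0x01, 0x01, 0x00,
    0x08, 0x24, 0x02, 0x01, 0x02, 0x02, 0x10, 0x05
};
/* Constructed: a zero bLength, which must be rejected rather than looped on. */
static const uint8_t k_zero_len[] = { 0x00, 0x24, 0x02 };

int check_good(void)      /* returns the second advertised rate on success */
{
    audio_sampling_t s;
    if (parse_audio_sampling(k_good, sizeof k_good, &s) != 0) return -1;
    return (int)s.freqs[1];
}
int check_overclaim(void) { audio_sampling_t s; return parse_audio_sampling(k_overclaim, sizeof k_overclaim, &s); }
int check_zero_len(void)  { audio_sampling_t s; return parse_audio_sampling(k_zero_len, sizeof k_zero_len, &s); }

int main(void)
{
    printf("good: second rate = %d Hz\n", check_good());
    printf("overclaim: %d (expect -1)\n", check_overclaim());
    printf("zero length: %d (expect -1)\n", check_zero_len());
    return 0;
}
```

The two rejected buffers cover the failure modes that matter for an out-of-bounds read: a per-descriptor length that does not fit the remaining buffer, and an element count inside the descriptor that is larger than the descriptor's own declared length. A parser that checks only one of the two still reads past its input.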

📡 Detection & Monitoring

Log Indicators:

  • USB enumeration failures
  • System crashes when connecting USB audio devices
  • Memory access violation logs

Network Indicators:

  • USB-over-IP connection attempts to vulnerable systems

SIEM Query:

source="system_logs" AND ("USB" AND ("audio" OR "streaming") AND ("crash" OR "fault" OR "violation"))
