Eclipse ThreadX Improper Parameter Check Vulnerability in Syscall Implementation Allowing Arbitrary Memory Read/Write

Vulnerability

A vulnerability exists in Eclipse ThreadX versions prior to 6.4.3 when memory protection is enabled. Syscall parameters are not adequately verified: the parameter checking macros are implemented incorrectly and fail to properly validate kernel object pointers. An attacker can use this to bypass user-kernel isolation, leading to privilege escalation and unauthorized read or write access to arbitrary memory.

Impact

Exploitation of this vulnerability can result in privilege escalation and arbitrary memory read or write access.

Remediation

Users can upgrade to Eclipse ThreadX version 6.4.3 or later to address this vulnerability.

Added: Oct 15, 2025, 6:19 AM
Updated: Oct 15, 2025, 6:19 AM

Vulnerability Rating

Custom Algorithm
spread: 6.6
impact: 5.0
exploitability: 2.9
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.