Primary

Context

Eclipse NetX Duo ThreadX Off-By-One Out-of-Bounds Read Vulnerability in TLS ClientHello Extension Processing

Vulnerability

Patched

A moderate off-by-one out-of-bounds read vulnerability has been identified in Eclipse NetX Duo versions through 6.4.3. The issue arises in the function '_nx_secure_tls_proc_clienthello_supported_versions_extension()', which improperly validates the length of version extensions in TLS packets. This flaw can potentially be exploited to read memory out of bounds, leading to undefined behavior.

Impact

Exploitation of this vulnerability causes an off-by-one out-of-bounds read, which can lead to memory corruption or information disclosure.

Remediation

Users can upgrade to NetX Duo version 6.4.4 or later to address this vulnerability.

Added: Oct 16, 2025, 7:19 AM

Updated: Oct 16, 2025, 7:19 AM

Vulnerability Rating

Custom Algorithm

spread

9.8

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.8

impact

2.5

exploitability

8.1

remediation

7.7

relevance

0.8

threat

0.0

urgency

2.9

incentive

10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eclipse NetX Duo ThreadX Off-By-One Out-of-Bounds Read Vulnerability in TLS ClientHello Extension Processing

Vulnerability

Impact

Remediation

Affected Products

Eclipse Foundation NetX Duo

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating