Eclipse NetX Duo Out-of-Bounds Read Vulnerability in IPv4 Packet Reception

Vulnerability

A moderate out-of-bounds read vulnerability has been identified in Eclipse NetX Duo versions through 6.4.3. The issue arises in the '_nx_ipv4_packet_receive()' function, which processes IPv4 packets by reading the first four bytes of the IP header. The vulnerability occurs because there is no bounds checking to ensure that the Ethernet frame contains a sufficient amount of data. An attacker could exploit this by sending a frame with fewer than four bytes of IP data, potentially leading to a crash or an information leak.
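
The kind of length check whose absence is described above, as an added example (not NetX Duo source code and not part of the original advisory). The hypothetical ipv4_validate() confirms the first four bytes are present before reading them, then goes beyond the advisory's case to check version, IHL and total length against the number of bytes received. All names and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result codes for this illustration (hypothetical names, not NetX Duo's). */
enum ipv4_check { IPV4_OK, IPV4_TRUNCATED, IPV4_BAD_VERSION,
                  IPV4_BAD_IHL, IPV4_BAD_LENGTH };

/* Validate the IPv4 header in buf[0..len), where len is the number of bytes
 * that follow the Ethernet header in the received frame. On success the
 * header length and datagram length are stored in *hdr_len and *total_len. */
enum ipv4_check ipv4_validate(const uint8_t *buf, size_t len,
                              size_t *hdr_len, size_t *total_len)
{
    /* The first 32-bit word must be present before it is read. */
    if (buf == NULL || len < 4)
        return IPV4_TRUNCATED;

    /* Byte-wise big-endian read: no alignment or host-endianness assumptions. */
    uint32_t word0 = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                     ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];

    if ((word0 >> 28) != 4)
        return IPV4_BAD_VERSION;

    size_t ihl_bytes = (size_t)((word0 >> 24) & 0x0F) * 4;
    if (ihl_bytes < 20)              /* IHL below the 5-word minimum */
        return IPV4_BAD_IHL;
    if (len < ihl_bytes)             /* header claims more than was received */
        return IPV4_TRUNCATED;

    size_t total = word0 & 0xFFFF;   /* total length field */
    if (total < ihl_bytes || total > len)  /* len may exceed total: padding */
        return IPV4_BAD_LENGTH;

    *hdr_len = ihl_bytes;
    *total_len = total;
    return IPV4_OK;
}

int main(void)
{
    /* Constructed sample: a frame carrying only 3 bytes of IP data. */
    const uint8_t short_ip[3] = { 0x45, 0x00, 0x00 };
    size_t h = 0, t = 0;
    printf("3-byte payload -> %d\n",
           (int)ipv4_validate(short_ip, sizeof short_ip, &h, &t));
    return 0;
}
```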

Impact

Exploitation of this vulnerability could result in an out-of-bounds read, which may cause a crash or an information leak.

Remediation

Users can upgrade to NetX Duo version 6.4.4 or later to address this vulnerability.

Added: Oct 16, 2025, 7:18 AM
Updated: Oct 16, 2025, 7:18 AM

Vulnerability Rating

Custom Algorithm

spread: 9.8
impact: 3.1
exploitability: 7.4
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.