Primary

Context

Eclipse ThreadX NetX Duo Denial-of-Service Vulnerability in IPv6 Component

Vulnerability

Patched

A denial-of-service vulnerability has been identified in the NetX IPv6 component of Eclipse ThreadX NetX Duo, affecting versions through 6.4.3. The issue arises when a specially crafted 'Packet Too Big' network packet, containing more than 15 different source addresses, is received. This can cause the Neighbour Discovery (ND) Cache to fill up with entries in the 'CREATED' state, blocking further communication on new IPv6 addresses until the device is power cycled.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, where the device's Neighbour Discovery cache becomes full, preventing communication on new IPv6 addresses until the device is restarted.

Remediation

Users can upgrade to version 6.4.5 to address this vulnerability.

Added: Jan 27, 2026, 4:36 PM

Updated: Jan 27, 2026, 4:36 PM

Vulnerability Rating

Custom Algorithm

spread

9.8

impact

2.5

exploitability

7.7

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.8

impact

2.5

exploitability

7.7

remediation

7.7

relevance

2.4

threat

0.0

urgency

2.9

incentive

8.3

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Eclipse ThreadX NetX Duo Denial-of-Service Vulnerability in IPv6 Component

Vulnerability

Impact

Remediation

Affected Products

Eclipse ThreadX NetX Duo

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating