CVE-2025-62603

LOW EPSS 39.1%
Published Feb 3, 20264mo ago · Modified Jun 17, 20261w ago
1.7 CVSS 4.0
Low
Find Similar
Published Feb 3, 2026 4mo ago
Last Modified Jun 17, 2026 1w ago

Description

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). ParticipantGenericMessage is the DDS Security control-message container that carries not only the handshake but also on going security-control traffic after the handshake, such as crypto-token exchange, rekeying, re-authentication, and token delivery for newly appearing endpoints. On receive, the CDR parser is invoked first and deserializes the `message_data` (i .e., the `DataHolderSeq`) via the `readParticipantGenericMessage → readDataHolderSeq` path. The `DataHolderSeq` is parsed sequentially: a sequence count (`uint32`), and for each DataHolder the `class_id` string (e.g. `DDS:Auth:PKI-DH:1.0+Req`), string properties (a sequence of key/value pairs), and binary properties (a name plus an octet-vector). The parser operat es at a stateless level and does not know higher-layer state (for example, whether the handshake has already completed), s o it fully unfolds the structure before distinguishing legitimate from malformed traffic. Because RTPS permits duplicates, delays, and retransmissions, a receiver must perform at least minimal structural parsing to check identity and sequence n umbers before discarding or processing a message; the current implementation, however, does not "peek" only at a minimal header and instead parses the entire `DataHolderSeq`. As a result, prior to versions 3.4.1, 3.3.1, and 2.6.11, this parsi ng behavior can trigger an out-of-memory condition and remotely terminate the process. Versions 3.4.1, 3.3.1, and 2.6.11 p atch the issue.

CVSS Details

Base Score
1.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
39.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-125 Out-of-bounds Read Memory Safety

Affected Products 6

VendorProductVersionRange
eprosimafast_dds* <2.6.11
eprosimafast_dds*≥3.0.0  –  <3.3.1
eprosimafast_dds3.4.0any
debiandebian_linux11.0any
debiandebian_linux12.0any
debiandebian_linux13.0any

References 4

  • github.com https://github.com/eProsima/Fast-DDS/commit/354218514d32beac963ff5c306f1cf159ee37c5f
    Patch
  • github.com https://github.com/eProsima/Fast-DDS/commit/a726e6a5daba660418d1f7c05b6f203c17747d2b
    Patch
  • github.com https://github.com/eProsima/Fast-DDS/commit/ced3b6f92d928af1eae77d5fe889878128ad421a
    Patch
  • security-tracker.debian.org https://security-tracker.debian.org/tracker/CVE-2025-62603
    Third Party Advisory

Remediation

  • github.com https://github.com/eProsima/Fast-DDS/commit/354218514d32beac963ff5c306f1cf159ee37c5f
    Patch
  • github.com https://github.com/eProsima/Fast-DDS/commit/a726e6a5daba660418d1f7c05b6f203c17747d2b
    Patch
  • github.com https://github.com/eProsima/Fast-DDS/commit/ced3b6f92d928af1eae77d5fe889878128ad421a
    Patch