Vulnerability Description
Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow, resulting in remote termination of Fast-DDS. If the fields of `PID_IDENTITY_TOKEN` or `PID_PERMISSIONS_TOKEN` in the DATA Submessage — specifically by tampering with the `str_size` value read by `readString` (called from `readBinaryProperty`) — are modified, a 32-bit integer overflow can occur, causing `std::vector::resize` to use an attacker-controlled size and quickly trigger heap buffer overflow and remote process term ination. Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Eprosima | Fast Dds | < 2.6.11 |
Related Weaknesses (CWE)
References
- https://github.com/eProsima/Fast-DDS/commit/354218514d32beac963ff5c306f1cf159ee3Patch
- https://github.com/eProsima/Fast-DDS/commit/a726e6a5daba660418d1f7c05b6f203c1774Patch
- https://github.com/eProsima/Fast-DDS/commit/ced3b6f92d928af1eae77d5fe889878128adPatch
- https://security-tracker.debian.org/tracker/CVE-2025-62601Third Party Advisory
FAQ
What is CVE-2025-62601?
CVE-2025-62601 is a vulnerability with a CVSS score of 7.5 (HIGH). Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, m...
How severe is CVE-2025-62601?
CVE-2025-62601 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-62601?
Check the references section above for vendor advisories and patch information. Affected products include: Eprosima Fast Dds.