CVE-2025-67108 — CRITICAL (10.0)

Vulnerability Description

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

CVSS Score

10.0

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Eprosima	Fast Dds	3.3.0

Related Weaknesses (CWE)

CWE-298 CWE-370

References

http://eprosima.comProduct
http://fast-dds.comBroken LinkNot Applicable
https://gist.github.com/lkloliver/81b5d5a8328d712dbfd497bf11dbe913Third Party Advisory
https://github.com/eProsima/Fast-DDS/blob/master/src/cpp/security/accesscontrol/Product

FAQ

What is CVE-2025-67108?

CVE-2025-67108 is a vulnerability with a CVSS score of 10.0 (CRITICAL). eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

How severe is CVE-2025-67108?

CVE-2025-67108 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2025-67108?

Check the references section above for vendor advisories and patch information. Affected products include: Eprosima Fast Dds.