ThreadX <6.4.3 Arbitrary Mem Read/Write via Weak Syscall Verification
CVE-2025-55080 Published on October 15, 2025
Improper Parameter Check in ThreadX Syscall Implementation
In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameters verification wasn't enough, allowing an attacker to obtain an arbitrary memory read/write.
Weakness Type
Improper Handling of Parameters
The software does not properly handle when the expected number of parameters, fields, or arguments is not provided in input, or if those parameters are undefined.
Products Associated with CVE-2025-55080
Want to know whenever a new CVE is published for Eclipse Threadx? stack.watch will email you.
Affected Versions
Eclipse Foundation ThreadX:- Before 6.4.3 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.