Vulnerability in Eprosima Fast-dds
CVE-2025-24807
eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain…
EPSS: 0.002 (8.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.
Affected products
- Eprosima Fast-dds — versions < 2.6.10, >= 2.7.0, < 2.10.7, >= 2.11.0, < 2.14.5
- Eprosima Fast_dds
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM, Vendor Advisory)
- security-advisories@github.com (Patch, x_refsource_MISC)
- security-advisories@github.com (Product, x_refsource_MISC)
- security-advisories@github.com (Product, x_refsource_MISC)
- security-advisories@github.com (Product, x_refsource_MISC)
- security-advisories@github.com (x_refsource_MISC, Related)
Frequently asked questions
- What is CVE-2025-24807?
- CVE-2025-24807 is a high-severity vulnerability in Eprosima Fast-dds, classified under Insufficient Verification of Data Authenticity. CVSS score: 7.1/10. Published 2025-02-11.
- How severe is CVE-2025-24807?
- High severity. CVSS v3 base score is 7.1 out of 10.