Full Report
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities found in Eclipse ThreadX and four vulnerabilities in STMicroelectronics products. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.
Analysis Summary
# Vulnerability: Multiple Medium to High Severity Flaws Disclosed in Eclipse ThreadX and STMicroelectronics Components
This summary aggregates vulnerability information disclosed by Cisco Talos affecting Eclipse ThreadX and STMicroelectronics products.
## CVE Details
- **CVE ID:** CVE-2025-0726, CVE-2025-2260 (Eclipse ThreadX DoS)
- **CVE ID:** CVE-2025-0727, CVE-2025-2259 (Eclipse ThreadX PUT Integer Underflow)
- **CVE ID:** CVE-2025-0728, CVE-2025-2258 (Eclipse ThreadX PUT Integer Underflow)
- **CVE ID:** CVE-2024-45064 (STMicroelectronics Buffer Overflow)
- **CVE ID:** CVE-2024-50384, CVE-2024-50385 (STMicroelectronics DoS)
- **CVE ID:** CVE-2024-50594, CVE-2024-50595 (STMicroelectronics DoS)
- **CVE ID:** CVE-2024-50596, CVE-2024-50597 (STMicroelectronics DoS)
- **CVSS Score:** Severity scores were not explicitly provided in the text, but the nature of the vulnerabilities (DoS and Code Execution) suggests medium to potentially high severity.
- **CWE:** Denial of Service, Integer Underflow, Buffer Overflow (inferred).
## Affected Systems
- **Products:**
  - Eclipse ThreadX NetX Duo (git commit 6c8e9d1)
  - STMicroelectronics X-CUBE-AZRTOS-WL (version 2.0.0)
  - STMicroelectronics NetX Component HTTP server functionality
- **Versions:**
  - Eclipse ThreadX NetX Duo: git commit 6c8e9d1
  - STMicroelectronics X-CUBE-AZRTOS-WL: 2.0.0
- **Configurations:** Dependent on the presence and use of the affected NetX HTTP server functionality (Eclipse ThreadX) or the FileX Internal RAM interface (STMicroelectronics).
## Vulnerability Description
**Eclipse ThreadX:**
1. **Denial of Service (DoS):** A DoS vulnerability exists in the NetX HTTP server functionality due to improper handling of specially crafted network packets.
2. **Integer Underflow:** Two integer underflow vulnerabilities exist within the HTTP server's PUT request handling functions. Sending crafted network requests can trigger these flaws.
**STMicroelectronics:**
1. **Buffer Overflow (Code Execution Potential):** A buffer overflow vulnerability exists in the FileX Internal RAM interface functionality. A sequence of crafted network packets can lead to code execution.
2. **Denial of Service (DoS):** Several DoS vulnerabilities exist related to the NetX Component HTTP server functionality. These result from improperly handled network packets, including two specific integer underflow flaws in the HTTP server PUT request functionality.
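The integer underflow class named above, shown as an added illustration for code reviewers: this is not NetX Duo or STMicroelectronics code and makes no claim about the actual root cause of the listed CVEs. All function and parameter names are hypothetical, and the values in `main` are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Unsafe pattern: unsigned subtraction with no ordering check.
 * If more bytes were counted than the request declared, the result
 * wraps to a huge value that later code may treat as a length. */
uint32_t remaining_unchecked(uint32_t declared_len, uint32_t received)
{
    return declared_len - received;
}

/* Hardened form: reject the inconsistent state before subtracting. */
int remaining_checked(uint32_t declared_len, uint32_t received, uint32_t *out)
{
    if (out == NULL || received > declared_len)
        return -1;                    /* caller should abort the request */
    *out = declared_len - received;
    return 0;
}

/* Bytes to accept from one packet: the smallest of the bytes still
 * expected, the packet payload size and the free space in the buffer. */
int accept_len(uint32_t declared_len, uint32_t received,
               uint32_t payload_len, uint32_t buf_space, uint32_t *out)
{
    uint32_t n;

    if (out == NULL || remaining_checked(declared_len, received, &n) != 0)
        return -1;
    if (n > payload_len)
        n = payload_len;
    if (n > buf_space)
        n = buf_space;
    *out = n;
    return 0;
}

int main(void)
{
    uint32_t n = 0;

    /* Constructed values: 10 bytes declared, 16 already counted. */
    printf("unchecked: %u\n", (unsigned)remaining_unchecked(10u, 16u));
    printf("checked rc: %d\n", remaining_checked(10u, 16u, &n));
    if (accept_len(100u, 40u, 1460u, 32u, &n) == 0)
        printf("accept: %u bytes\n", (unsigned)n);
    return 0;
}
```
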
## Exploitation
- **Status:** The article indicates the vulnerabilities **have been patched by vendors**, suggesting prior discovery rather than widespread exploitation in the wild at the time of disclosure. PoC availability is not confirmed but likely exists for research related to the vulnerability reports.
- **Complexity:** Complexity is implied to be low to medium, as exploitation generally requires sending crafted network packets/requests.
- **Attack Vector:** Network (Remote).
## Impact
- **Confidentiality:** Likely Low/Medium for DoS flaws, Potentially High for the STMicroelectronics Buffer Overflow (if remote code execution is achieved).
- **Integrity:** Potentially High for the STMicroelectronics Buffer Overflow (Remote Code Execution).
- **Availability:** High impact for all DoS vulnerabilities, leading to service disruption.
## Remediation
### Patches
- Patches have been made available by the respective vendors (Eclipse Foundation and STMicroelectronics) following coordination with Cisco Talos. (Specific patch versions not listed, refer to vendor advisories).
### Workarounds
- No specific workarounds were detailed in the provided text, other than applying the official vendor patches. Restricting network access to the affected HTTP server component (if possible) would be a tactical measure until patching is complete.
## Detection
- **Indicators of Compromise:** Successful exploitation would manifest as unexpected service restarts, process crashes (DoS), or unauthorized code execution.
- **Detection Methods and Tools:** Download the latest rule sets from Snort.org for specific coverage designed by Cisco Talos to detect exploitation of these vulnerabilities.
## References
- Vendor advisories (Implied by patch release).
- Talos Intelligence Reports: TALOS-2024-2098, TALOS-2024-2104, TALOS-2024-2105, TALOS-2024-2096, TALOS-2024-2097, TALOS-2024-2102, TALOS-2024-2103.
- Latest Vulnerability Advisories: talosintelligence.com/vulnerability_reports
- Snort Rules: snort.org