eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

No data.

No data.

No data.

No data.

References
Link Providers
http://eprosima.com cve-icon cve-icon
http://fast-dds.com cve-icon cve-icon
https://gist.github.com/lkloliver/81b5d5a8328d712dbfd497bf11dbe913 cve-icon cve-icon
https://github.com/eProsima/Fast-DDS/blob/master/src/cpp/security/accesscontrol/Permissions.cpp#L263 cve-icon cve-icon
History

Tue, 23 Dec 2025 16:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-298
CWE-370
Metrics cvssV3_1

{'score': 10, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 23 Dec 2025 15:45:00 +0000

Type Values Removed Values Added
Description eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.
References
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-12-23T15:48:27.499Z

Reserved: 2025-12-08T00:00:00.000Z

Link: CVE-2025-67108

cve-icon Vulnrichment

Updated: 2025-12-23T15:47:22.112Z

cve-icon NVD

Status : Received

Published: 2025-12-23T16:16:22.897

Modified: 2025-12-23T16:16:22.897

Link: CVE-2025-67108

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.