CVE-2025-62799 — Heap-based Buffer Overflow in Fast-dds

CWE-122 — Heap-based Buffer Overflow CWE-787 — Out-of-bounds Write5 documents5 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 93.79%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Eprosima Fast-dds Eprosima Fast DDS Debian Linux

Timeline

PublishedFeb 3

Description

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group ). Prior to versions 3.4.1, 3.3.1, and 2.6.11, a heap buffer overflow exists in the Fast-DDS DATA_FRAG receive path. An un authenticated sender can transmit a single malformed RTPS DATA_FRAG packet where `fragmentSize` and `sampleSize` are craft ed to violate internal assumptions. Due to a 4-byte alignment step during fragment metadata initialization, the code write s past the end…

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5eprosima/fast-dds3.4.0 — 3.4.1+2

▶NVDeprosima/fast_dds3.0.0 — 3.3.1+2

Also affects: Debian Linux 11.0, 12.0, 13.0

Patches

Patch: github.com ↗Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

FastDDS's heap buffer overflow in RTPS DATA_FRAG enables unauthenticated DoS (potential RCE)↗2026-02-03

▶

OSV

CVE-2025-62799: Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group )↗2026-02-03

▶

📋Vendor Advisories

Debian

CVE-2025-62799: fastdds - Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-62799 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶