CVE-2025-67108Improper Validation of Certificate Expiration in Fast DDS

CWE-298Improper Validation of Certificate ExpirationCWE-370Missing Check for Certificate Revocation after Initial Check6 documents6 sources
Severity
10.0CRITICALNVD
EPSS
0.0%
top 86.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Eprosima Fast DDS
Timeline
PublishedDec 23

Description

eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket revocation, resulting in insecure communications and connections.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.8

Affected Packages1 packages

🔴Vulnerability Details

3
GHSA
GHSA-839g-33gc-x4w2: eProsima Fast-DDS v32025-12-23
OSV
CVE-2025-67108: eProsima Fast-DDS v32025-12-23
CVEList
CVE-2025-67108: eProsima Fast-DDS v32025-12-23

📋Vendor Advisories

1
Debian
CVE-2025-67108: fastdds - eProsima Fast-DDS v3.3 was discovered to contain improper validation for ticket ...2025

🕵️Threat Intelligence

1
Wiz
CVE-2025-67108 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-67108 — Eprosima Fast DDS vulnerability | cvebase