
CVE-2025-24807

Medium

Published: 11 February 2025
Modified: 21 February 2025
KEV Added: not listed
Patch: available (fixed versions listed below)
CVSS Score v4: 4.5 (Medium) CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0008 (24.7th percentile)
Risk Priority: 9 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-24807 is a medium-severity Insufficient Verification of Data Authenticity (CWE-345) vulnerability in eProsima Fast DDS. Its CVSS v4.0 base score is 4.5 (Medium); under CVSS v3.1 the same issue scores 7.1 (High), so the rating depends on which scoring version a given feed uses.

Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). EPSS ranks the CVE at the 24.7th percentile for exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-24807 affects eProsima Fast DDS, a C++ implementation of the OMG Data Distribution Service (DDS) standard. In versions prior to 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, the access control plugin performs neither full certificate chain validation nor an expiration-date check on the PermissionsCA certificate. It validates only the S/MIME signature over the governance and permissions documents, so a document signed by an expired PermissionsCA is treated as valid. The issue is classified as CWE-345 (Insufficient Verification of Data Authenticity) and carries a CVSS v3.1 base score of 7.1 (High; AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H).

A local attacker with low privileges can exploit this vulnerability by supplying an expired PermissionsCA, which lets governance or permissions documents signed with it be accepted and so grants access the deployment did not intend. Under specific conditions, such as a PermissionsCA that is not self-signed and is supplied together with its full chain, the system may also crash. The advisory rates the overall impact as low, but successful exploitation affects integrity and availability; confidentiality is not affected.

The eProsima Fast DDS security advisory (GHSA-w33g-jmm2-8983) and associated pull request (#5530) detail the fix implemented in versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, which add proper chain and expiration validation in components like Permissions.cpp and PKIDH.cpp. Security practitioners should prioritize upgrading affected deployments to these patched releases.
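The difference between the pre-fix and post-fix behaviour can be reproduced with the openssl command-line tool. The script below is an added example, not Fast DDS project code: it builds a constructed self-signed PermissionsCA that is valid for one day, signs a toy permissions document with it, and then checks that document two ways. The `-noverify` check mirrors the vulnerable plugin, which accepts anything whose S/MIME signature verifies against the embedded signer certificate; the `-CAfile`/`-attime` check mirrors the fix, building the chain to the trusted PermissionsCA and evaluating the validity dates, here at a simulated time two days on, when the CA has expired. The file names, the CA subject and the document body are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not eProsima Fast DDS code): contrast a signature-only
# check of an S/MIME-signed permissions document with full chain and
# validity-period validation, using the openssl CLI.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed PermissionsCA: self-signed and valid for one day only, so
# that "two days from now" is a time at which it has expired. The key and
# certificate file names and the subject are assumed for this example.
openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 1 \
  -subj "/CN=Example PermissionsCA" \
  -keyout "$WORK/permissions_ca.key" -out "$WORK/permissions_ca.pem" \
  >/dev/null 2>&1

# Constructed toy permissions document, S/MIME-signed directly by the
# PermissionsCA (as DDS Security does for governance/permissions files).
printf '<dds><permissions/></dds>\n' > "$WORK/permissions.xml"
openssl smime -sign -in "$WORK/permissions.xml" \
  -signer "$WORK/permissions_ca.pem" -inkey "$WORK/permissions_ca.key" \
  -out "$WORK/permissions.p7s"

# Pre-fix behaviour: -noverify only checks that the signature matches
# the signer certificate embedded in the message. No chain is built and
# no validity dates are evaluated, so an expired CA is still "accepted".
# Prints "accepted" or "rejected".
signature_only_check() {
  if openssl smime -verify -in "$WORK/permissions.p7s" -noverify \
       -out /dev/null >/dev/null 2>&1
  then echo accepted; else echo rejected; fi
}

# Post-fix behaviour: verify the signature AND build/validate the chain
# to the trusted PermissionsCA, evaluating notBefore/notAfter at epoch
# time $1 (-attime lets us simulate "after expiry" without waiting).
# Prints "accepted" or "rejected".
full_chain_check() {
  if openssl smime -verify -in "$WORK/permissions.p7s" \
       -CAfile "$WORK/permissions_ca.pem" -attime "$1" \
       -out /dev/null >/dev/null 2>&1
  then echo accepted; else echo rejected; fi
}

NOW=$(date +%s)
EXPIRED_AT=$((NOW + 2 * 86400))   # the one-day CA has expired by then

printf 'signature only, dates ignored: %s\n' "$(signature_only_check)"
printf 'full chain, now:               %s\n' "$(full_chain_check "$NOW")"
printf 'full chain, CA expired:        %s\n' "$(full_chain_check "$EXPIRED_AT")"
```

In a real deployment `-CAfile` points at the PermissionsCA the participant is configured to trust, and the time used is the wall clock; the patched plugin performs the equivalent chain and date validation in-process through OpenSSL rather than via the CLI.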


Vulnerability details

eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access control plugin validates only the S/MIME signature which causes an expired PermissionsCA to be taken as valid. Even though this issue is responsible for allowing `governance/permissions` from an expired PermissionsCA and having the system crash when PermissionsCA is not self-signed and contains the full-chain, the impact is low. Versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0 contain a fix for the issue.

CWE(s)

CWE-345 Insufficient Verification of Data Authenticity

Related Threats

MITRE ATT&CK Enterprise Techniques

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

A local, low-privileged attacker supplies an expired PermissionsCA to bypass access control validation, directly gaining governance or permissions access that should have been denied (privilege escalation); the crash is a secondary availability impact.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-62601 · same product: eProsima Fast DDS
CVE-2025-64438 · same product: eProsima Fast DDS
CVE-2024-39805 · shared CWE-345
CVE-2025-62600 · same product: eProsima Fast DDS
CVE-2025-62603 · same product: eProsima Fast DDS
CVE-2025-62602 · same product: eProsima Fast DDS
CVE-2025-62799 · same product: eProsima Fast DDS
CVE-2025-62599 · same product: eProsima Fast DDS
CVE-2026-33243 · shared CWE-345
CVE-2026-43534 · shared CWE-345

Affected Assets

eProsima Fast DDS: < 2.6.10 · 2.10.0 to < 2.10.7 · 2.14.0 to < 2.14.5
(Fixed in 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2 and 3.2.0; the fixed releases themselves are not affected.)

Mitigating Controls

NIST 800-53 r5

SC-17 Public Key Infrastructure Certificates (prevent)
Requires validation of PKI certificates by verifying certification paths to trust anchors and status information, directly mitigating the lack of full chain and expiration validation for PermissionsCA certificates.

SI-7 Software, Firmware, and Information Integrity (prevent)
Mandates cryptographic integrity verification for software, firmware, and information, addressing the insufficient S/MIME signature and certificate validation that allows an expired PermissionsCA to enable unauthorized access.

SI-2 Flaw Remediation (prevent)
Requires timely flaw remediation, including patching to the fixed versions (2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, 3.2.0), directly preventing exploitation of the certificate validation vulnerability in eProsima Fast DDS.
