{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T21:26:58.882","vulnerabilities":[{"cve":{"id":"CVE-2025-24807","sourceIdentifier":"security-advisories@github.com","published":"2025-02-11T16:15:51.190","lastModified":"2025-02-21T15:26:57.507","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"eprosima Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0, per design, PermissionsCA is not full chain validated, nor is the expiration date validated. Access control plugin validates only the S/MIME signature which causes an expired PermissionsCA to be taken as valid. Even though this issue is responsible for allowing `governance/permissions` from an expired PermissionsCA and having the system crash when PermissionsCA is not self-signed and contains the full-chain, the impact is low. Versions 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2, and 3.2.0 contain a fix for the issue."},{"lang":"es","value":"eprosima Fast DDS es una implementación en C++ del estándar DDS (Data Distribution Service) de OMG (Object Management Group). Antes de las versiones 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2 y 3.2.0, por diseño, PermissionsCA no se valida en cadena completa ni se valida la fecha de vencimiento. El complemento de control de acceso valida solo la firma S/MIME, lo que hace que un PermissionsCA vencido se considere válido. Aunque este problema es responsable de permitir la `gobernanza/permisos` desde un PermissionsCA vencido y de que el sistema se bloquee cuando PermissionsCA no está autofirmado y contiene la cadena completa, el impacto es bajo. Las versiones 2.6.10, 2.10.7, 2.14.5, 3.0.2, 3.1.2 y 3.2.0 contienen una solución para el problema."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eprosima:fast_dds:*:*:*:*:*:*:*:*","versionEndExcluding":"2.6.10","matchCriteriaId":"81D1A228-4A42-4D7A-82B9-2F122823B155"},{"vulnerable":true,"criteria":"cpe:2.3:a:eprosima:fast_dds:*:*:*:*:*:*:*:*","versionStartIncluding":"2.10.0","versionEndExcluding":"2.10.7","matchCriteriaId":"B2A20BB4-EE48-45BA-B4C2-4FC4A3092FB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:eprosima:fast_dds:*:*:*:*:*:*:*:*","versionStartIncluding":"2.14.0","versionEndExcluding":"2.14.5","matchCriteriaId":"19F26EE7-AA12-4DC8-963A-C1D978371A87"},{"vulnerable":true,"criteria":"cpe:2.3:a:eprosima:fast_dds:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.2","matchCriteriaId":"489DF936-893F-48EB-B2F5-1DCA66DB1F43"},{"vulnerable":true,"criteria":"cpe:2.3:a:eprosima:fast_dds:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndExcluding":"3.1.2","matchCriteriaId":"864A80F5-286F-45F2-9D08-0FF54F012497"}]}]}],"references":[{"url":"https://github.com/eProsima/Fast-DDS/blob/2.6.9/src/cpp/security/accesscontrol/Permissions.cpp#L390-L396","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/eProsima/Fast-DDS/blob/2.6.9/src/cpp/security/accesscontrol/Permissions.cpp#L412","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/eProsima/Fast-DDS/blob/2.6.9/src/cpp/security/authentication/PKIDH.cpp#L241","source":"security-advisories@github.com","tags":["Product"]},{"url":"https://github.com/eProsima/Fast-DDS/pull/5530","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/eProsima/Fast-DDS/security/advisories/GHSA-w33g-jmm2-8983","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://www.omg.org/spec/DDS-SECURITY/1.1/PDF","source":"security-advisories@github.com","tags":["Related"]}]}}]}