CVE-2025-55087: CWE-1285: Improper Validation of Specified Index, Position, or Offset in Input in Eclipse Foundation NextX Duo
In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bounds read with crafted SNMPv3 security parameters.
AI Analysis
Technical Summary
CVE-2025-55087 is a vulnerability in the SNMP addon of the Eclipse Foundation's NextX Duo product, affecting versions before 6.4.4. It stems from improper validation of a specified index, position, or offset in input data and is categorized under CWE-1285 and CWE-125, which cover improper validation and out-of-bounds reads respectively. An attacker can trigger the out-of-bounds read by sending specially crafted SNMPv3 security parameters. No authentication or user interaction is required, so the flaw is remotely exploitable over the network. The out-of-bounds read could disclose sensitive memory contents or potentially crash the application, impacting confidentiality and availability. The CVSS 4.0 base score is 6.3 (medium), reflecting a network attack vector, low complexity, no privileges required, and no user interaction, but limited impact on confidentiality, integrity, and availability. No known exploits have been reported in the wild as of the publication date. The vulnerability affects network management systems and embedded devices that use the NextX Duo SNMP addon, which is part of the Eclipse Foundation ThreadX ecosystem, commonly used in IoT, industrial control, and telecommunications environments.
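As an added illustration (not NextX Duo code; the advisory does not say which field or check is at fault), the sketch below shows the validation CWE-1285 calls for when parsing SNMPv3 USM security parameters: every declared BER length is checked against the bytes that remain before it is used as an offset. The function names, the 65535-byte length cap and the sample bytes are assumptions of this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Read one BER tag/length header at buf[*pos], never touching bytes at or
   past 'end'. On success *pos is left at the first value byte. */
static int ber_header(const uint8_t *buf, size_t end, size_t *pos,
                      uint8_t *tag, size_t *len)
{
    if (*pos >= end || end - *pos < 2) return -1;  /* need tag + length */
    *tag = buf[(*pos)++];
    size_t n = buf[(*pos)++];
    if (n & 0x80) {                    /* long form: low 7 bits = byte count */
        size_t cnt = n & 0x7F;         /* example caps lengths at 65535 */
        if (cnt == 0 || cnt > 2 || end - *pos < cnt) return -1;
        for (n = 0; cnt > 0; cnt--) n = (n << 8) | buf[(*pos)++];
    }
    if (n > end - *pos) return -1;     /* declared length exceeds the data */
    *len = n;
    return 0;
}

/* Returns 1 if buf[0..size) starts with a well-formed USM
   msgSecurityParameters field (RFC 3414): an OCTET STRING wrapping a
   SEQUENCE of engineID, engineBoots, engineTime, userName, authParams,
   privParams. Returns 0 on any tag or length inconsistency. */
int usm_params_valid(const uint8_t *buf, size_t size)
{
    static const uint8_t expect[6] = {0x04, 0x02, 0x02, 0x04, 0x04, 0x04};
    size_t pos = 0, len, end;
    uint8_t tag;

    if (ber_header(buf, size, &pos, &tag, &len) || tag != 0x04) return 0;
    end = pos + len;                   /* nothing inside may pass this */
    if (ber_header(buf, end, &pos, &tag, &len) || tag != 0x30) return 0;
    if (pos + len != end) return 0;    /* SEQUENCE must fill the wrapper */
    for (int i = 0; i < 6; i++) {
        if (ber_header(buf, end, &pos, &tag, &len) || tag != expect[i])
            return 0;
        pos += len;                    /* safe: len <= end - pos */
    }
    return pos == end;
}

/* Constructed sample (not captured traffic): engineID 01 02 03, boots 1,
   time 2, userName "us", empty auth and priv parameters. */
const uint8_t sample_ok[23] = {
    0x04,0x15, 0x30,0x13, 0x04,0x03,0x01,0x02,0x03, 0x02,0x01,0x01,
    0x02,0x01,0x02, 0x04,0x02,0x75,0x73, 0x04,0x00, 0x04,0x00 };
```

The same consistency test, applied to captured SNMPv3 datagrams, is one concrete meaning of "anomalous" for the monitoring recommended on this page: a length field that points past the end of its enclosing field.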
Potential Impact
For European organizations, this vulnerability poses a risk primarily to network infrastructure and IoT devices that rely on the NextX Duo SNMP addon for management and monitoring. Exploitation could lead to unauthorized disclosure of sensitive memory data, potentially exposing configuration details or cryptographic material, thereby compromising confidentiality. Additionally, the out-of-bounds read may cause instability or crashes in network management applications or embedded devices, affecting availability. This could disrupt critical industrial control systems, telecommunications infrastructure, or enterprise network monitoring, leading to operational downtime or degraded service. Given the widespread adoption of Eclipse ThreadX in embedded and IoT devices, sectors such as manufacturing, energy, transportation, and telecom in Europe could be particularly affected. The lack of an authentication requirement and the remote exploitability increase the threat surface, especially in environments where SNMP traffic is exposed or insufficiently filtered.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should promptly upgrade the NextX Duo SNMP addon to version 6.4.4 or later, where the input validation flaw has been addressed. In environments where immediate patching is not feasible, network administrators should implement strict access controls on SNMP traffic, restricting it to trusted management stations and isolating SNMP-enabled devices within secure network segments. Deploying intrusion detection or prevention systems with signatures for anomalous SNMPv3 packets can help detect exploitation attempts. Regularly auditing and monitoring SNMP traffic for unusual patterns is recommended. Additionally, organizations should review device configurations to disable unnecessary SNMP services or limit SNMP versions to those with stronger security controls. Coordinating with device vendors to confirm the presence of patched firmware or software versions is essential. Finally, integrating this vulnerability into vulnerability management and incident response workflows will ensure timely detection and remediation.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden, Finland, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: eclipse
- Date Reserved: 2025-08-06T18:32:14.667Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68f1df4d9c34d0947ffd557a
Added to database: 10/17/2025, 6:16:45 AM
Last enriched: 10/17/2025, 6:31:49 AM
Last updated: 10/19/2025, 1:06:58 PM