CVE-2025-65865 is an integer overflow vulnerability identified in eProsima Fast-DDS version 3.3, a widely used open-source implementation of the Data Distribution Service (DDS) protocol for real-time data exchange. Integer overflow vulnerabilities occur when an arithmetic operation attempts to create a numeric value that exceeds the maximum size the variable can store, causing unexpected behavior such as memory corruption or logic errors. In this case, the overflow can be triggered by specially crafted input data sent to the Fast-DDS middleware, leading to a Denial of Service (DoS) condition. This DoS could manifest as a crash or hang of the Fast-DDS service, disrupting communication between distributed systems relying on it. The vulnerability does not require prior authentication or complex user interaction, increasing the risk of exploitation in exposed environments. No CVSS score or patches are currently available, and no known exploits have been reported in the wild. However, given Fast-DDS’s role in critical real-time communication in sectors like industrial automation, automotive, aerospace, and IoT, this vulnerability poses a significant risk to system availability. The lack of detailed affected versions and absence of mitigation guidance from the vendor necessitates proactive monitoring and network-level protections until official patches are released.

For European organizations, the primary impact of CVE-2025-65865 is the potential disruption of availability in systems that rely on eProsima Fast-DDS for real-time data distribution. This can affect industrial control systems, automotive communication networks, aerospace telemetry, and IoT infrastructures where Fast-DDS is deployed. A successful DoS attack could halt critical operations, leading to production downtime, safety risks, and financial losses. Given the increasing adoption of DDS middleware in European manufacturing and defense sectors, the vulnerability could have cascading effects on supply chains and critical infrastructure. Additionally, organizations with exposed Fast-DDS endpoints could face targeted attacks aiming to disrupt services. The absence of known exploits currently provides a window for mitigation, but the ease of triggering the overflow via crafted input suggests a high risk if attackers develop exploit code. The impact on confidentiality and integrity is minimal, but availability disruption alone can be severe in real-time and safety-critical environments.

1. Restrict network access to Fast-DDS services by implementing strict firewall rules and network segmentation to limit exposure to untrusted networks. 2. Monitor network traffic for anomalous or malformed DDS messages that could indicate attempts to exploit the integer overflow. 3. Employ intrusion detection/prevention systems (IDS/IPS) with custom signatures targeting suspicious Fast-DDS input patterns. 4. Engage with eProsima or Fast-DDS maintainers to obtain timely patches or updates addressing this vulnerability and apply them promptly once available. 5. Conduct thorough testing of Fast-DDS deployments in controlled environments to identify potential crash scenarios and develop incident response plans. 6. Consider deploying application-layer gateways or proxies that validate and sanitize DDS messages before they reach Fast-DDS services. 7. Maintain up-to-date asset inventories to identify all instances of Fast-DDS in use across the organization, including embedded and IoT devices. 8. Educate operational technology (OT) and IT teams about this vulnerability to ensure coordinated response and monitoring efforts.