CVE Catalog
CVE-2025-67109
CriticalCVSS 10.0Exploitation Probability (EPSS)
Low risk0.29%
21th percentile - higher than 21% of all known CVEs
Summary
In Eclipse Cyclone DDS before version 0.10.5, improper verification of the time certificate allows attackers to bypass certificate checks and execute commands with System privileges.
Risk Assessment
An attacker can remotely take control of the system with the highest privileges, leading to complete compromise of data confidentiality, integrity, and availability.
Recommendation
Immediately update Eclipse Cyclone DDS to version 0.10.5 or later, which includes a fix for this vulnerability.
Original NVD description (English source)
Improper verification of the time certificate in Eclipse Cyclone DDS before v0.10.5 allows attackers to bypass certificate checks and execute commands with System privileges.

