External risk intelligence

eProsima Fast-DDS Ticket Revocation Vulnerability.

CVE advisorySeverity: CRITICAL (CVSS 10.0)

CVE-2025-67108

eProsima Fast-DDS is a middleware library used for peer-to-peer communication in distributed systems, such as robotics or industrial IoT. While it uses network protocols, it is typically deployed within local or private networks for device-to-device communication rather than as a public-facing internet service.

Eprosima Fast Dds

3.3.0

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

External exposure likelihood

Horizon Alert

Summary of the vulnerability and why it matters

A critical vulnerability has been identified in eProsima Fast-DDS, a communications middleware, related to improper ticket revocation validation. This flaw can lead to insecure communications and connections within systems that rely on this technology. The main concern is confirming relevance and exposure.

  • Insecure communications in Fast-DDS software.
  • Critical flaw impacts secure data exchange.
  • Confirm relevance and exposure of Fast-DDS.

Attack Path

How an attacker could exploit the issue

An attacker could exploit this vulnerability by sending specially crafted network traffic to a system using the affected software. This traffic could target the ticket revocation process within eProsima Fast-DDS, potentially leading to a compromise of secure communications.

  • Network access required.
  • Triggered by ticket revocation validation.
  • Compromises secure communications.

Live Threat

Current exploitation, exposure, and threat context

This vulnerability could impact systems using eProsima Fast-DDS by allowing unauthorized access and modification of communications when ticket revocation is improperly validated. This could affect the integrity and confidentiality of data exchanged between connected components.

  • Insecure communications and connections.
  • Improper validation of ticket revocation.
  • Compromised data integrity and confidentiality.

Operational Fix

Recommended remediation, mitigation, and detection steps

Addressing this vulnerability likely falls to the platform or infrastructure teams responsible for the underlying middleware, in coordination with application owners who rely on eProsima Fast-DDS. The first practical step is to identify all deployments of the affected technology, determine their business criticality and network exposure, and then engage the accountable owners to plan remediation, potentially involving vendor coordination or temporary risk reduction measures.

  • Platform/infrastructure teams own the issue.
  • Verify affected deployments and network exposure.
  • Plan remediation based on risk and criticality.

Supplementary metadata

Validate whether this threat affects your internet-facing exposure.

Halo Threat Intelligence helps prioritize remediation with Halo Surface Signal and H/A/L/O context. Start exposure validation with a free external attack surface trial.

Frequently asked questions

What is eProsima Fast-DDS?

eProsima Fast-DDS is a middleware library that enables peer-to-peer communication between different components in distributed systems. It is widely used in industries requiring real-time, high-performance data exchange, such as robotics and industrial IoT, to allow devices to discover each other and share information reliably.

What does the CVE-2025-67108 vulnerability mean?

This vulnerability is classified as improper validation, specifically regarding ticket revocation (CWE-298 and CWE-370). In plain terms, the software fails to correctly check whether a security ticket or permission should still be considered valid. Because this validation process is flawed, an attacker might be able to maintain insecure connections or bypass intended communication restrictions, undermining the system's overall security.

How is this Fast-DDS vulnerability triggered?

The issue is triggered by sending specially crafted network traffic that interacts with the ticket revocation process. It requires network access to the affected system to succeed. Importantly, simply operating the software under normal conditions does not trigger the bug; it specifically requires an attempt to manipulate how the system validates or handles security revocation signals.

Do I need to worry if my Fast-DDS system is internal?

According to Halo Surface Signal, this software is typically deployed within local or private networks for device-to-device communication, making it an unlikely target for public-facing internet attacks. However, if your system has components exposed to untrusted network segments, the risk increases, as the vulnerability requires network access to be exploited.

How should I respond to this threat?

Your first step is to perform an inventory to identify where Fast-DDS version 3.3.0 is deployed in your environment. Once identified, evaluate the network exposure and criticality of those specific systems. Coordinate with the platform or infrastructure teams responsible for managing the middleware to discuss risk reduction measures and track potential vendor updates.

References