CVE-2025-62600

High
CWE-125 (Out-of-bounds Read) — Weakness Type
Published: Feb 3, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.5
📄 Description (English)

Fast DDS is a C++ implementation of the DDS (Data Distribution Service) standard of the OMG (Object Management Group). Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory (OOM) condition, resulting in remote termination of Fast-DDS. If the fields of PID_IDENTITY_TOKEN or PID_PERMISSION_TOKEN in the DATA Submessage are modified — specifically by tampering with the length field in readBinaryPropertySeq — an integer overflow occurs, leading to an OOM during the resize operation. Versions 3.4.1, 3.3.1, and 2.6.11 patch the issue.

🤖 AI Executive Summary

Fast DDS versions prior to 3.4.1, 3.3.1, and 2.6.11 contain a high-severity (CVSS 7.5) integer overflow in the DDS Security token parsing performed during participant discovery. A remote, unauthenticated attacker who can deliver a crafted SPDP packet to a security-enabled participant can tamper with the PID_IDENTITY_TOKEN or PID_PERMISSION_TOKEN length fields so that the parser attempts an enormous allocation, exhausting memory and terminating the process. The impact is denial of service only; confidentiality and integrity are not affected. Fast DDS is used in real-time distributed systems in industrial IoT, autonomous systems, and critical infrastructure, and organizations running it with security enabled should prioritize patching, since the discovery path is reachable before any authentication completes.

🤖 AI Intelligence Analysis Analyzed: May 2, 2026 13:17
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability poses significant risk to Saudi critical infrastructure sectors: (1) Energy Sector (ARAMCO, SEC), where DDS is used in SCADA and industrial control systems for oil and gas operations; (2) Telecommunications (STC, Mobily, Zain), in real-time network management and 5G infrastructure; (3) Government/NCA, in critical infrastructure monitoring and defense systems; (4) Healthcare, in medical device networks and hospital information systems built on DDS; (5) Aviation/Transportation, in autonomous vehicle systems and air traffic control. The exploitability point is that SPDP is the discovery bootstrap: a participant parses the identity and permission tokens in an SPDP announcement before any authentication handshake has completed, so any host that can deliver UDP to a participant's discovery port can crash it without credentials. Network position, not authentication, is the only barrier, which is why an attacker who has already reached an OT or otherwise isolated segment through a supply chain compromise or an insider can take down DDS participants at will.
🏢 Affected Saudi Sectors
Energy (Oil & Gas) Critical Infrastructure Telecommunications Government Healthcare Aviation/Transportation Industrial IoT Defense
⚖️ Saudi Risk Score (AI)
8.2
/ 10.0
🔧 Remediation Steps (English)
IMMEDIATE ACTIONS:
1. Identify all Fast DDS deployments in your environment, particularly those with security mode enabled; include ROS 2 installations, where Fast DDS is a default RMW implementation and is often not inventoried as a separate component
2. Assess network exposure — determine if SPDP packets can reach affected systems from untrusted networks
3. Implement network segmentation so that discovery (SPDP) traffic reaches participants only from trusted sources. The RTPS default ports depend on the domain and participant rather than being a fixed 7400-7409 range: multicast discovery uses UDP 7400 + 250*domainId (group 239.255.0.1) and unicast discovery uses UDP 7410 + 250*domainId + 2*participantId. Confirm the actual locators in the participant configuration before writing firewall rules, since deployments frequently override the defaults

PATCHING GUIDANCE:
1. Upgrade Fast DDS to version 3.4.1, 3.3.1, or 2.6.11 immediately
2. On Debian systems (11, 12, 13), the source package is fastdds (not fast-dds). List what is installed with dpkg -l '*fastdds*', then run apt-get update && apt-get install --only-upgrade on those packages. Debian ships security fixes as patched revisions of the release's own version rather than the upstream 2.6.11/3.3.1/3.4.1 numbers, so check the fixed revision for your release in the Debian security tracker instead of comparing against the upstream version strings
3. Test patches in non-production environments first, particularly for SCADA/ICS systems
4. Coordinate with system owners for maintenance windows to minimize downtime

COMPENSATING CONTROLS (if immediate patching not possible):
1. Restrict who can send discovery traffic to DDS participants (host firewall plus network ACLs on the SPDP ports). Because a single crafted packet is enough to crash a participant, removing the attacker's ability to deliver that packet is the only compensating control that actually closes the exposure.
2. Disabling DDS Security does remove the vulnerable token-parsing path, but it also removes authentication, access control and encryption for all DDS traffic, trading a denial of service for unauthenticated read and write access to every topic. Treat it as a last resort acceptable only on fully isolated networks.
3. Monitor for OOM conditions and process crashes on DDS nodes, run participants under a supervisor that restarts them, and cap per-process memory (ulimit or cgroups) so the failed allocation kills only the participant and not the host.
4. Rate limiting SPDP processing does not prevent the crash (one packet suffices); it only slows repeated attempts after each restart, so do not rely on it alone.
5. Deploy network IDS/IPS rules that flag SPDP DATA submessages whose PID_IDENTITY_TOKEN or PID_PERMISSION_TOKEN property lengths exceed the bytes remaining in the submessage.

DETECTION RULES:
1. Monitor system logs for Fast DDS process crashes with OOM errors (kernel OOM-killer messages naming the DDS process, std::bad_alloc aborts, supervisor restart records)
2. Alert on sudden memory growth in DDS processes; the resize on an attacker-controlled length requests a very large allocation immediately before the process terminates
3. Network detection: in SPDP DATA submessages, flag PID_IDENTITY_TOKEN or PID_PERMISSION_TOKEN parameters whose encoded property length is larger than the bytes remaining in the parameter or the submessage. That condition is malformed by definition and is exactly what the tampered length field looks like on the wire; absolute thresholds (legitimate tokens are typically well under 1024 bytes) are only a weaker secondary signal
4. Monitor for repeated discovery announcements carrying malformed security tokens from the same source
5. Track DDS participant discovery failures and reconnection storms, which follow a participant being crashed and restarted
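The description above attributes the crash to a tampered length field in readBinaryPropertySeq that passes an overflowing check and reaches a resize, and detection rule 3 asks for token lengths to be compared against the bytes actually present. The following is an added example written for this page, not Fast DDS source code: it shows the generic bug pattern beside its hardened form and a token parser that applies the remaining-bytes check. The token layout is modelled on the DDS Security BinaryProperty sequence with CDR alignment padding omitted, the sample bytes are constructed, and all function and field names (unsafe_length_ok, safe_length_ok, parse_binary_property_seq, build_sample, tamper) are illustrative.

```cpp
// Added illustration for the bug class behind CVE-2025-62600; not Fast DDS code.
// Token body modelled on the DDS Security BinaryProperty sequence (uint32 count;
// per element: uint32 name_len + name incl. NUL, uint32 value_len + value,
// uint8 propagate), little-endian, CDR alignment padding omitted.
#include <cstddef>
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// Vulnerable pattern (assumed, generic): offset + attacker-controlled length in
// 32-bit arithmetic. When the sum wraps past 0xFFFFFFFF the check passes and the
// bogus length reaches resize(), which asks for gigabytes and the process dies.
bool unsafe_length_ok(uint32_t pos, uint32_t len, uint32_t total) {
    return pos + len <= total;  // 8 + 0xFFFFFFF8 wraps to 0, so this says "ok"
}

// Hardened form: compare against the bytes actually remaining; nothing can wrap.
bool safe_length_ok(size_t pos, size_t len, size_t total) {
    return pos <= total && len <= total - pos;
}

struct BinaryProperty { std::string name; std::vector<uint8_t> value; bool propagate; };

// Cursor over a received buffer; every read is checked with safe_length_ok.
class Reader {
public:
    Reader(const uint8_t* d, size_t n) : data_(d), size_(n), pos_(0) {}
    const uint8_t* bytes(size_t n) {
        if (!safe_length_ok(pos_, n, size_))
            throw std::runtime_error("length exceeds remaining bytes");
        const uint8_t* p = data_ + pos_;
        pos_ += n;
        return p;
    }
    uint32_t u32() {
        const uint8_t* p = bytes(4);
        return static_cast<uint32_t>(p[0]) | static_cast<uint32_t>(p[1]) << 8 |
               static_cast<uint32_t>(p[2]) << 16 | static_cast<uint32_t>(p[3]) << 24;
    }
    size_t remaining() const { return size_ - pos_; }
private:
    const uint8_t* data_; size_t size_; size_t pos_;
};

// Every length is validated against the remaining bytes before any container
// is sized from it, which is the fix this bug class needs.
std::vector<BinaryProperty> parse_binary_property_seq(const uint8_t* data, size_t size) {
    Reader r(data, size);
    uint32_t count = r.u32();
    // Each element needs at least 4 + 4 + 1 bytes; a larger count cannot be
    // genuine, so reject it instead of calling resize(count) on it.
    if (count > r.remaining() / 9)
        throw std::runtime_error("element count exceeds remaining bytes");
    std::vector<BinaryProperty> seq;
    seq.reserve(count);
    for (uint32_t i = 0; i < count; ++i) {
        BinaryProperty bp;
        uint32_t name_len = r.u32();
        const uint8_t* n = r.bytes(name_len);
        bp.name.assign(reinterpret_cast<const char*>(n), name_len ? name_len - 1 : 0);
        uint32_t value_len = r.u32();
        const uint8_t* v = r.bytes(value_len);
        bp.value.assign(v, v + value_len);
        bp.propagate = *r.bytes(1) != 0;
        seq.push_back(bp);
    }
    return seq;
}

// IDS-style verdict for detection rule 3: false when any encoded length
// exceeds the bytes present in the token.
bool token_lengths_consistent(const uint8_t* data, size_t size) {
    try { parse_binary_property_seq(data, size); return true; }
    catch (const std::runtime_error&) { return false; }
}

static void put_u32(std::vector<uint8_t>& out, uint32_t v) {
    for (int i = 0; i < 4; ++i) out.push_back(static_cast<uint8_t>(v >> (8 * i)));
}

static void put_property(std::vector<uint8_t>& out, const std::string& name,
                         const std::vector<uint8_t>& value, bool propagate) {
    put_u32(out, static_cast<uint32_t>(name.size() + 1));  // CDR strings count the NUL
    out.insert(out.end(), name.begin(), name.end());
    out.push_back(0);
    put_u32(out, static_cast<uint32_t>(value.size()));
    out.insert(out.end(), value.begin(), value.end());
    out.push_back(propagate ? 1 : 0);
}

// Constructed benign token body (37 bytes): two made-up properties.
std::vector<uint8_t> build_sample() {
    std::vector<uint8_t> out;
    put_u32(out, 2);
    put_property(out, "c.id", {'C', 'N', '=', 'x'}, true);
    put_property(out, "alg", {0x01, 0x02}, false);
    return out;
}

// Overwrite the 4-byte length at `offset` with 0xFFFFFFFF, as a tampered SPDP
// packet would; in build_sample() offset 0 is the count, 13 the first value length.
std::vector<uint8_t> tamper(std::vector<uint8_t> pkt, size_t offset) {
    for (size_t i = 0; i < 4; ++i) pkt[offset + i] = 0xFF;
    return pkt;
}
```

Parsing build_sample() yields the two properties. The same bytes with the element count or a value length overwritten to 0xFFFFFFFF are rejected by the remaining-bytes comparison before any allocation is sized from them, whereas the wrapped 32-bit sum in unsafe_length_ok reports such a length as in bounds. The same comparison is what an IDS rule for detection rule 3 should implement: a property length larger than the bytes left in the submessage is malformed regardless of any absolute threshold.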
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
ECC 2024 A.12.6.1 — Management of technical vulnerabilities in critical systems ECC 2024 A.14.2.1 — Secure development and change management ECC 2024 A.12.3.1 — Configuration management for critical infrastructure
🔵 SAMA CSF
SAMA CSF ID.BE-5 — Organizational resilience and continuity planning SAMA CSF PR.IP-12 — Software, firmware, and information integrity SAMA CSF DE.CM-1 — Detection and analysis of anomalies and events
🟡 ISO 27001:2022
ISO 27001:2022 A.8.8 — Management of technical vulnerabilities ISO 27001:2022 A.8.25 — Secure development life cycle ISO 27001:2022 A.5.9 — Inventory of information and other associated assets
📦 Affected Products / CPE 6 entries
eprosima:fast_dds
eprosima:fast_dds
eprosima:fast_dds:3.4.0
debian:debian_linux:11.0
debian:debian_linux:12.0
debian:debian_linux:13.0
📊 CVSS Score
7.5
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector: N — Network
Attack Complexity: L — Low
Privileges Required: N — None
User Interaction: N — None
Scope: U — Unchanged
Confidentiality: N — None
Integrity: N — None
Availability: H — High
📋 Quick Facts
Severity: High
CVSS Score: 7.5
CWE: CWE-125
EPSS: 0.02%
Exploit: No
Patch: ✓ Yes
Published: 2026-02-03
Source Feed: nvd
🇸🇦 Saudi Risk Score
8.2
/ 10.0 — Saudi Risk
Priority: CRITICAL
🏷️ Tags
patch-available CWE-125