Buffer Copy without Checking Size of Input Vulnerability Affects Connext Professional
CVE-2024-52061

8.3HIGH

Key Information:

Vendor

Rti

Status
Connext Professional
Vendor
CVE Published:
13 December 2024

What is CVE-2024-52061?

A buffer overflow vulnerability exists in RTI Connext Professional's core libraries and services, allowing potential attackers to manipulate Overflow Variables and Tags. This flaw can occur when input sizes are not properly checked during buffer copying operations, affecting several versions of the product from 5.0.0 to before 7.5.0. Users of the affected versions should take immediate action to mitigate risks associated with this vulnerability.

Affected Version(s)

Connext Professional 7.4.0 < 7.5.0

Connext Professional 7.0.0 < 7.3.0.5

Connext Professional 6.1.0 < 6.1.2.21

References

https://www.rti.com/vulnerabilities/#cve-2024-52061

CVSS V4

Score:
8.3
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.