Buffer Copy without Checking Size of Input Vulnerability Affects Connext Professional
CVE-2024-52061

8.3 HIGH

Key Information:

Vendor: RTI
CVE Published: 13 December 2024

What is CVE-2024-52061?

A buffer overflow vulnerability exists in RTI Connext Professional's core libraries and services, allowing potential attackers to manipulate Overflow Variables and Tags. This flaw can occur when input sizes are not properly checked during buffer copying operations, affecting several versions of the product from 5.0.0 to before 7.5.0. Users of the affected versions should take immediate action to mitigate risks associated with this vulnerability.

Affected Version(s)

Connext Professional 7.4.0 < 7.5.0

Connext Professional 7.0.0 < 7.3.0.5

Connext Professional 6.1.0 < 6.1.2.21

CVSS V4

Score: 8.3
Severity: HIGH
Confidentiality: None
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Attack Required: Physical
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
