Buffer Copy without Checking Size of Input Vulnerability Affects RTI Connext Professional
CVE-2024-52066

8.3 HIGH

Key Information:

Vendor:
RTI
CVE Published:
13 December 2024

What is CVE-2024-52066?

A buffer overflow vulnerability (a buffer copy without checking the size of the input) in the Routing Service of RTI Connext Professional allows an attacker to overflow variables and tags through improperly validated input, compromising the integrity and availability of the system. Impacted versions of Connext Professional are 7.4.0 prior to 7.5.0, 7.0.0 prior to 7.3.0.5, 6.1.0 prior to 6.1.2.21, and 6.0.0 prior to 6.0.1.40. Users should upgrade to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

Connext Professional 7.4.0 < 7.5.0

Connext Professional 7.0.0 < 7.3.0.5

Connext Professional 6.1.0 < 6.1.2.21

CVSS V4

Score:
8.3
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved