Introduction

This page contains a list of all RTI® Connext® vulnerabilities that have been published through the CVE® Program.

Note

Since this document only contains vulnerabilities published through the CVE® Program, the vulnerabilities listed in this document are a subset of the vulnerabilities published in the RTI Security Notices.

To receive further updates on vulnerabilities found in RTI products, including those that are not disclosed through the public CVE, please subscribe to our security notification list by sending an email to security@rti.com.

If you believe you have found a vulnerability affecting RTI products, please report it to us by sending an email to security@rti.com.

2024

CVE-2024-25724

[Critical] Potential buffer overflow in Cloud Discovery Service while parsing an XML document

Potential buffer overflow in Cloud Discovery Service while parsing an XML document.

User Impact without Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_CDS_Service_new public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Cloud Discovery Service could crash or leak sensitive information. An attacker could compromise Cloud Discovery Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

User Impact with Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_CDS_Service_new public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Cloud Discovery Service could crash or leak sensitive information. An attacker could compromise Cloud Discovery Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Mitigations

Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Cloud Discovery Service uses to prevent Local Attack Vector.

Associated Issue IDs

[CVE Issue ID CVE-2024-25724]
[RTI Issue ID CDS-222]

Affected RTI Connext Professional Releases

Introduced in: 5.3.1
Fixed in: 6.1.1

[Critical] Potential buffer overflow in Recording Service while parsing an XML document

Potential buffer overflow in Recording Service while parsing an XML document.

User Impact without Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the rti::recording::Service() public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Recording Service could crash or leak sensitive information. An attacker could compromise Recording Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

User Impact with Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the rti::recording::Service() public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Recording Service could crash or leak sensitive information. An attacker could compromise Recording Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Mitigations

Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Recording Service uses to prevent Local Attack Vector.

Associated Issue IDs

[CVE Issue ID CVE-2024-25724]
[RTI Issue ID RECORD-1418]

Affected RTI Connext Professional Releases

Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35

[Critical] Potential buffer overflow in Routing Service while parsing an XML document

Potential buffer overflow in Routing Service while parsing an XML document.

User Impact without Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_RoutingService_new public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Routing Service could crash or leak sensitive information. An attacker could compromise Routing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

User Impact with Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_RoutingService_new public API containing malicious parameters.
Routing Service could crash or leak sensitive information. An attacker could compromise Routing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Mitigations

Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Routing Service uses to prevent Local Attack Vector.

Associated Issue IDs

[CVE Issue ID CVE-2024-25724]
[RTI Issue ID ROUTING-1092]

Affected RTI Connext Professional Releases

Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35

Acknowledgements

Found by Philip Pettersson <ppettersson@zoox.com>

[Critical] Potential buffer overflow in Queuing Service while parsing an XML document

Potential buffer overflow in Queuing Service while parsing an XML document.

User Impact without Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_QueuingService_new public API containing malicious parameters.
Remotely exploitable through malicious RTPS messages.
Queuing Service could crash or leak sensitive information. An attacker could compromise Queuing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

User Impact with Security

Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the RTI_QueuingService_new public API containing malicious parameters.
Queuing Service could crash or leak sensitive information. An attacker could compromise Queuing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

Mitigations

Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Queing Service uses to prevent Local Attack Vector.

Associated Issue IDs

[CVE Issue ID CVE-2024-25724]
[RTI Issue ID QUEUEING-759]

Affected RTI Connext Professional Releases

Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35

2022-2023

There were no RTI Connext vulnerabilities published through the CVE® Program in 2022-2023.

2021

CVE-2021-38435

[Critical] Potential Crash Upon Receiving a Corrupted data(p)

Potential crash upon receiving a corrupted data(p).

User Impact without Security

Remotely exploitable.
Crash application. Potentially impacting confidentiality/integrity of Connext application.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

User Impact with Security

Remotely exploitable.
Crash application. Potentially impacting confidentiality/integrity of Connext application.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Mitigations

Protect access to the network Connext applications are running in.

Associated Issue IDs

[CVE Issue ID CVE-2021-38435]
[RTI Issue ID CORE-11751]

Affected RTI Connext Professional Releases

Introduced in: 4.1x
Fixed in: 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25

CVE-2021-38433

[Critical] Potential stack buffer overflow while parsing an XML document

Potential stack buffer overflow while parsing an XML document.

User Impact without Security

Remotely exploitable
Crash application, remote code execution with Connext application privileges.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

User Impact with Security

Only exploitable from the same host where the Connext application is running.
CVSS Base Score: 6.6 MEDIUM
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Mitigations

Protect access to the network Connext applications are running in / Use Connext Secure with RTPS protection.
Restrict permissions for writing to the configuration files your Connext application uses.

Associated Issue IDs

[CVE Issue ID CVE-2021-38433]
[RTI Issue ID CORE-11750]

Affected RTI Connext Professional Releases

Introduced in: 4.5x
Fixed in: 7.0.0, 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25

CVE-2021-38427

[Critical] Potential stack buffer overflow while parsing an XML document

Potential stack buffer overflow while parsing an XML document.

User Impact without Security

Remotely exploitable
Crash application, remote code execution with Connext application privileges.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

User Impact with Security

Only exploitable from the same host where the Connext application is running.
CVSS Base Score: 6.6 MEDIUM
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Mitigations

Protect access to the network Connext applications are running in / Use Connext Secure with RTPS protection.
Restrict permissions for writing to the configuration files your Connext application uses.

Associated Issue IDs

[CVE Issue ID CVE-2021-38427]
[RTI Issue ID CORE-11749]

Affected RTI Connext Professional Releases

Introduced in: 4.5x
Fixed in: 7.0.0, 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25