Introduction
This page contains a list of all RTI® Connext® vulnerabilities that have been published through the CVE® Program.
Note
Since this document only contains vulnerabilities published through the CVE® Program, the vulnerabilities listed in this document are a subset of the vulnerabilities published in the RTI Security Notices.
To receive further updates on vulnerabilities found in RTI products, including those that are not disclosed through the public CVE, please subscribe to our security notification list by sending an email to security@rti.com.
If you believe you have found a vulnerability affecting RTI products, please report it to us by sending an email to security@rti.com.
2024
CVE-2024-25724
[Critical] Potential buffer overflow in Cloud Discovery Service while parsing an XML document
Potential buffer overflow in Cloud Discovery Service while parsing an XML document.
User Impact without Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_CDS_Service_new
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Cloud Discovery Service could crash or leak sensitive information. An attacker could compromise Cloud Discovery Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
User Impact with Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_CDS_Service_new
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Cloud Discovery Service could crash or leak sensitive information. An attacker could compromise Cloud Discovery Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Mitigations
Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Cloud Discovery Service uses to prevent Local Attack Vector.
Associated Issue IDs
[CVE Issue ID CVE-2024-25724]
[RTI Issue ID CDS-222]
Affected RTI Connext Professional Releases
Introduced in: 5.3.1
Fixed in: 6.1.1
[Critical] Potential buffer overflow in Recording Service while parsing an XML document
Potential buffer overflow in Recording Service while parsing an XML document.
User Impact without Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
rti::recording::Service()
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Recording Service could crash or leak sensitive information. An attacker could compromise Recording Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
User Impact with Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
rti::recording::Service()
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Recording Service could crash or leak sensitive information. An attacker could compromise Recording Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Mitigations
Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Recording Service uses to prevent Local Attack Vector.
Associated Issue IDs
[CVE Issue ID CVE-2024-25724]
[RTI Issue ID RECORD-1418]
Affected RTI Connext Professional Releases
Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35
[Critical] Potential buffer overflow in Routing Service while parsing an XML document
Potential buffer overflow in Routing Service while parsing an XML document.
User Impact without Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_RoutingService_new
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Routing Service could crash or leak sensitive information. An attacker could compromise Routing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
User Impact with Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_RoutingService_new
public API containing malicious parameters.Routing Service could crash or leak sensitive information. An attacker could compromise Routing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Mitigations
Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Routing Service uses to prevent Local Attack Vector.
Associated Issue IDs
[CVE Issue ID CVE-2024-25724]
[RTI Issue ID ROUTING-1092]
Affected RTI Connext Professional Releases
Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35
Acknowledgements
Found by Philip Pettersson <ppettersson@zoox.com>
[Critical] Potential buffer overflow in Queuing Service while parsing an XML document
Potential buffer overflow in Queuing Service while parsing an XML document.
User Impact without Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_QueuingService_new
public API containing malicious parameters.Remotely exploitable through malicious RTPS messages.
Queuing Service could crash or leak sensitive information. An attacker could compromise Queuing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 9.4 CRITICAL
CVSS v3.1 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
User Impact with Security
Exploitable through a compromised local file system containing a malicious XML file.
Exploitable through a compromised call to the
RTI_QueuingService_new
public API containing malicious parameters.Queuing Service could crash or leak sensitive information. An attacker could compromise Queuing Service integrity or execute malicious code with system privileges.
CVSS Base Score: 7.3 HIGH
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Mitigations
Use Connext Secure RTPS protection to prevent Network Attack Vector, AND
Restrict permissions for writing to the configuration files Queing Service uses to prevent Local Attack Vector.
Associated Issue IDs
[CVE Issue ID CVE-2024-25724]
[RTI Issue ID QUEUEING-759]
Affected RTI Connext Professional Releases
Introduced in: 5.3.1
Fixed in: 5.3.1.44, 6.0.1.35
2022-2023
There were no RTI Connext vulnerabilities published through the CVE® Program in 2022-2023.
2021
CVE-2021-38435
[Critical] Potential Crash Upon Receiving a Corrupted data(p)
Potential crash upon receiving a corrupted data(p).
User Impact without Security
Remotely exploitable.
Crash application. Potentially impacting confidentiality/integrity of Connext application.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
User Impact with Security
Remotely exploitable.
Crash application. Potentially impacting confidentiality/integrity of Connext application.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Mitigations
Protect access to the network Connext applications are running in.
Associated Issue IDs
[CVE Issue ID CVE-2021-38435]
[RTI Issue ID CORE-11751]
Affected RTI Connext Professional Releases
Introduced in: 4.1x
Fixed in: 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25
CVE-2021-38433
[Critical] Potential stack buffer overflow while parsing an XML document
Potential stack buffer overflow while parsing an XML document.
User Impact without Security
Remotely exploitable
Crash application, remote code execution with Connext application privileges.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
User Impact with Security
Only exploitable from the same host where the Connext application is running.
CVSS Base Score: 6.6 MEDIUM
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Mitigations
Protect access to the network Connext applications are running in / Use Connext Secure with RTPS protection.
Restrict permissions for writing to the configuration files your Connext application uses.
Associated Issue IDs
[CVE Issue ID CVE-2021-38433]
[RTI Issue ID CORE-11750]
Affected RTI Connext Professional Releases
Introduced in: 4.5x
Fixed in: 7.0.0, 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25
CVE-2021-38427
[Critical] Potential stack buffer overflow while parsing an XML document
Potential stack buffer overflow while parsing an XML document.
User Impact without Security
Remotely exploitable
Crash application, remote code execution with Connext application privileges.
CVSS Base Score: 7.6 HIGH
CVSS v3.1 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
User Impact with Security
Only exploitable from the same host where the Connext application is running.
CVSS Base Score: 6.6 MEDIUM
CVSS v3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
Mitigations
Protect access to the network Connext applications are running in / Use Connext Secure with RTPS protection.
Restrict permissions for writing to the configuration files your Connext application uses.
Associated Issue IDs
[CVE Issue ID CVE-2021-38427]
[RTI Issue ID CORE-11749]
Affected RTI Connext Professional Releases
Introduced in: 4.5x
Fixed in: 7.0.0, 6.1.1, 6.1.0.3, 5.3.1.35, 4.5d.rev41, 5.2.3.36, 4.5d.rev42, 6.0.1.25, 5.2.3.37, 5.0.0.57, 5.3.0.25