CVE-2024-52061

Summary

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries, Queuing Service, Recording Service, Routing Service) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0 before 5.3.1.45.

Affected Software

VendorProductVersion RangeStatus
RTIConnext Professional7.4.0 < 7.5.0affected
RTIConnext Professional7.0.0 < 7.3.0.5affected
RTIConnext Professional6.1.0 < 6.1.2.21affected
RTIConnext Professional6.0.0 < 6.0.1.40affected
RTIConnext Professional5.0.0 < 5.3.1.45affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References