CVE-2025-1253

Summary

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3., from 4.5c before 5.2..

Affected Software

VendorProductVersion RangeStatus
RTIConnext Professional7.4.0 < 7.5.0affected
RTIConnext Professional7.0.0 < 7.3.0.7affected
RTIConnext Professional6.1.0 < 6.1.2.23affected
RTIConnext Professional6.0.0 < 6.0.1.42affected
RTIConnext Professional5.3.0 < 5.3.*affected
RTIConnext Professional4.5c < 5.2.*affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • CWE-121: CWE-121 Stack-based Buffer Overflow

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References