Home

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3.*, from 4.5c before 5.2.*.

PUBLISHED Reserved 2025-02-12 | Published 2025-05-08 | Updated 2025-09-23 | Assigner RTI




MEDIUM: 6.9CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.9CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Security Extensions Enabled

Problem types

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE-121 Stack-based Buffer Overflow

Product status

Default status
unaffected

7.4.0 (custom) before 7.5.0
affected

7.0.0 (custom) before 7.3.0.7
affected

6.1.0 (custom) before 6.1.2.23
affected

6.0.0 (custom) before 6.0.1.42
affected

5.3.0 (custom) before 5.3.*
affected

4.5c (custom) before 5.2.*
affected

References

www.rti.com/vulnerabilities/

cve.org (CVE-2025-1253)

nvd.nist.gov (CVE-2025-1253)

Download JSON