PT-2022-10732 · Real Time Innovations · Connext DDS Secure +2

Published: 2022-05-05 · Updated: 2025-06-23

CVE-2021-38487

CVSS v3.1: 9.1 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions

RTI Connext DDS Professional versions 4.2x through 6.1.0
Connext DDS Secure versions 4.2x through 6.1.0
Connext DDS Micro versions 2.4 and later

Description

The issue arises when an attacker sends a specially crafted packet to flood target devices with unwanted traffic, potentially resulting in a denial-of-service condition and information exposure.

Recommendations

For RTI Connext DDS Professional versions 4.2x through 6.1.0, consider implementing traffic filtering to prevent unwanted packets.
For Connext DDS Secure versions 4.2x through 6.1.0, restrict access to the network to minimize the risk of exploitation.
For Connext DDS Micro versions 2.4 and later, avoid using the software in critical infrastructure until a patch is available.
As a temporary workaround, consider disabling the reception of external packets until a fix is implemented.

Fix

DoS

Weakness Enumeration

Related Identifiers

CVE-2021-38487

Affected Products

Connext DDS Micro
Connext DDS Secure
RTI Connext Professional