PT-2024-35112 · Real Time Innovations · Rti Connext Professional

Published 2024-12-13 · Updated 2025-10-02 · CVE-2024-52061

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

RTI Connext Professional versions 5.0.0 through 5.3.1.45
RTI Connext Professional versions 6.0.0 through 6.0.1.40
RTI Connext Professional versions 6.1.0 through 6.1.2.21
RTI Connext Professional versions 7.0.0 through 7.3.0.5
RTI Connext Professional versions 7.4.0 through 7.5.0

Description

The issue is a 'Classic Buffer Overflow' vulnerability due to buffer copy without checking the size of the input. This allows for the overflow of variables and tags. It affects the Core Libraries, Queuing Service, Recording Service, and Routing Service of RTI Connext Professional.

Recommendations

For versions 5.0.0 through 5.3.1.45, update to a version later than 5.3.1.45.
For versions 6.0.0 through 6.0.1.40, update to a version later than 6.0.1.40.
For versions 6.1.0 through 6.1.2.21, update to a version later than 6.1.2.21.
For versions 7.0.0 through 7.3.0.5, update to a version later than 7.3.0.5.
For versions 7.4.0 through 7.5.0, update to a version later than 7.5.0.

As a temporary workaround, consider restricting access to the affected services until a patch is available.

Fix

Memory Corruption

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2024-52061

Affected Products

Rti Connext Professional