Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52060

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.

Published

2024-12-13T11:15:08.250

Last Modified

2025-10-02T13:36:45.580

Status

Analyzed

Source

3f572a00-62e2-4423-959a-7ea25eff1638

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-120

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	rti	connext_professional	< 5.3.1.45	Yes
Application	rti	connext_professional	< 6.0.1.40	Yes
Application	rti	connext_professional	< 6.1.2.21	Yes
Application	rti	connext_professional	< 7.3.0.5	Yes

References

https://www.rti.com/vulnerabilities/#cve-2024-52060 Vendor Advisory (3f572a00-62e2-4423-959a-7ea25eff1638)