CVE-2021-38427
05.05.2022, 17:15
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| rti | connext_professional | 4.2.0 ≤ 𝑥 ≤ 6.1.0 |
| rti | connext_secure | 4.2.0 ≤ 𝑥 ≤ 6.1.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| rti | connext_dds_professional | 4.2x ≤ 𝑥 ≤ 6.1.0 | CNA |
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.