CVE-2025-1252
08.05.2025, 09:15
Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.4 before 6.1.2.23.Enginsight
Vendor | Product | Version |
---|---|---|
rti | connext_professional | 4.4 ≤ 𝑥 ≤ 5.2.3 |
rti | connext_professional | 5.3.0 ≤ 𝑥 ≤ 5.3.1.45 |
rti | connext_professional | 6.0.0 ≤ 𝑥 ≤ 6.0.1.40 |
rti | connext_professional | 6.1.0 ≤ 𝑥 < 6.1.2.23 |
rti | connext_professional | 7.0.0 ≤ 𝑥 < 7.3.0.7 |
rti | connext_professional | 7.4.0 ≤ 𝑥 < 7.5.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-122 - Heap-based Buffer OverflowA heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.