CVE-2024-52065
moderate-risk
Published 2024-12-13
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional on non-Windows (Persistence Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.1.2 before 6.1.2.21, from 5.3.1.40 before 5.3.1.41.
Do I need to act?
-
0.21% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.1/10
High
LOCAL
/ LOW complexity
Affected Products (2)
Affected Vendors
References (1)
Vendor Advisory
https://www.rti.com/vulnerabilities/#cve-2024-52065
30
/ 100
moderate-risk
Severity
22/34 · High
Exploitability
1/34 · Minimal
Exposure
7/34 · Low