CVE-2025-1253

Description

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Stack-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42, from 5.3.0 before 5.3.*, from 4.5c before 5.2.*.

CVSS breakdown

CVSS 4.0

Attack Vector

Local

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

Confidentiality (Vulnerable System)

None

Integrity (Vulnerable System)

High

Availability (Vulnerable System)

High

Confidentiality (Subsequent System)

None

Integrity (Subsequent System)

None

Availability (Subsequent System)

None

Affected products

RTI / Connext Professional7.4.0 – 7.5.0
RTI / Connext Professional7.0.0 – 7.3.0.7
RTI / Connext Professional6.1.0 – 6.1.2.23
RTI / Connext Professional6.0.0 – 6.0.1.42
RTI / Connext Professional5.3.0 – 5.3.*
RTI / Connext Professional4.5c – 5.2.*

References

MISChttps://www.rti.com/vulnerabilities/#cve-2025-1253