Skip to main content

RTI Connext Micro CVE-2026-30802

HIGH
Out-of-bounds Read (CWE-125)
2026-06-17 RTI
8.8
CVSS 4.0 · Vendor: RTI
Share

Severity by source

Vendor (RTI) PRIMARY
8.8 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.2 HIGH

RTPS is network-reachable with no auth or interaction (AV:N/AC:L/PR:N/UI:N); OOB read yields limited info disclosure (C:L) and likely process crash of the DDS endpoint (A:H), no integrity impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (RTI).

CVSS VectorVendor: RTI

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 18:07 vuln.today

DescriptionCVE.org

Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.

AnalysisAI

Out-of-bounds read in RTI Connext Micro Core Libraries (versions 4.0.0 up to but not including 4.3.0) allows remote unauthenticated attackers to read beyond allocated buffer boundaries, leading to limited information disclosure and a high availability impact (likely process crash of the DDS middleware). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain network reach to DDS participant
Delivery
Craft malformed RTPS message
Exploit
Send to Connext Micro endpoint
Execution
Trigger out-of-bounds read in Core Libraries
Persist
Crash process or leak adjacent memory
Impact
Disrupt real-time data distribution

Vulnerability AssessmentAI

Exploitation The attacker must be able to deliver a crafted RTPS/DDS message to a Connext Micro endpoint running an affected version (4.0.0 ≤ v < 4.3.0) - i.e., network reachability to the UDP ports on which the DDS participant is listening for discovery or user traffic. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/PR:N/UI:N, VC:L/VA:H) indicates a network-reachable, unauthenticated, low-complexity flaw whose primary impact is denial of service of the DDS endpoint with a minor confidentiality leak - consistent with a parser-side OOB read that returns stray memory bytes or crashes the consumer. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with network reachability to a Connext Micro participant sends a malformed RTPS/DDS message with crafted length or sequence fields that cause the Core Libraries to read past the end of a parsing buffer; the resulting behavior is most likely a crash of the subscriber/publisher process (availability impact) or, in some cases, leakage of small fragments of adjacent heap/stack memory back into protocol responses or logs. On a flat OT network where DDS endpoints are reachable from a compromised engineering workstation or rogue device, this could be repeatedly triggered to deny service to critical telemetry consumers. …
Remediation Upgrade RTI Connext Micro to version 4.3.0 or later, which is the first version outside the affected range per the vendor's own range specification (Vendor-released patch: 4.3.0; consult https://www.rti.com/vulnerabilities/#cve-2026-30802 for the definitive fixed build). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

24 hours: Identify and document all systems running RTI Connext Micro Core Libraries versions 4.0.0-4.2.x by searching application manifests, vendor bills-of-materials, and container registries. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-30802 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy