RTI Connext Micro CVE-2026-30803
HIGHSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Remote RTPS message processed with no auth or UI (AV:N/AC:L/PR:N/UI:N); buffer over-read leaks memory (C:H) and underflow can crash the participant (A:H); no integrity impact.
Primary rating from Vendor (RTI).
CVSS VectorVendor: RTI
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.
AnalysisAI
Remote information disclosure and denial of service in RTI Connext Micro core libraries (versions 4.0.0 through 4.2.x) allow unauthenticated network attackers to trigger an integer underflow that results in an out-of-bounds buffer overread. Exploitation requires no authentication or user interaction and can leak sensitive memory contents while potentially crashing the affected process. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Attacker must be able to deliver a malformed RTPS/DDS message to a vulnerable Connext Micro participant running a version in the 4.0.0-4.2.x range; this typically requires logical reachability to the DDS data bus (same network segment, peered DDS domain, or an exposed RTPS port such as UDP 7400+). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H) describes a remote, unauthenticated, low-complexity attack yielding high confidentiality and availability impact, which is genuinely severe on paper. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with reachability to the DDS data bus (a compromised peer, a rogue device plugged into the in-vehicle/in-robot network, or a misconfigured exposed RTPS endpoint) sends a crafted RTPS submessage whose length field triggers the integer underflow in Connext Micro's core parsing routines. The resulting buffer over-read leaks adjacent process memory back to the attacker - potentially including DDS keys, sensor payloads, or other secrets - and may crash the participant, disrupting real-time control. … |
| Remediation | Upgrade RTI Connext Micro to version 4.3.0 or later, which is the first release outside the vulnerable 4.0.0-4.2.x range per the vendor advisory at https://www.rti.com/vulnerabilities/#cve-2026-30803. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all systems running RTI Connext Micro 4.0.0-4.2.x; assess network accessibility and business criticality of each deployment. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Connext Micro
View allSame weakness CWE-191 – Integer Underflow
View allSame technique Integer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today