Skip to main content

RTI Connext Micro CVE-2026-30803

HIGH
Integer Underflow (CWE-191)
2026-06-17 RTI
8.8
CVSS 4.0 · Vendor: RTI
Share

Severity by source

Vendor (RTI) PRIMARY
8.8 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
9.1 CRITICAL

Remote RTPS message processed with no auth or UI (AV:N/AC:L/PR:N/UI:N); buffer over-read leaks memory (C:H) and underflow can crash the participant (A:H); no integrity impact.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (RTI).

CVSS VectorVendor: RTI

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jun 17, 2026 - 18:07 vuln.today

DescriptionCVE.org

Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.

AnalysisAI

Remote information disclosure and denial of service in RTI Connext Micro core libraries (versions 4.0.0 through 4.2.x) allow unauthenticated network attackers to trigger an integer underflow that results in an out-of-bounds buffer overread. Exploitation requires no authentication or user interaction and can leak sensitive memory contents while potentially crashing the affected process. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain reachability to DDS data bus
Delivery
Craft malformed RTPS submessage with underflow-triggering length
Exploit
Send to target Connext Micro participant
Execution
Integer underflow wraps length value
Persist
Parser performs out-of-bounds buffer read
Impact
Exfiltrate leaked memory or crash participant

Vulnerability AssessmentAI

Exploitation Attacker must be able to deliver a malformed RTPS/DDS message to a vulnerable Connext Micro participant running a version in the 4.0.0-4.2.x range; this typically requires logical reachability to the DDS data bus (same network segment, peered DDS domain, or an exposed RTPS port such as UDP 7400+). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The vendor CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H) describes a remote, unauthenticated, low-complexity attack yielding high confidentiality and availability impact, which is genuinely severe on paper. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with reachability to the DDS data bus (a compromised peer, a rogue device plugged into the in-vehicle/in-robot network, or a misconfigured exposed RTPS endpoint) sends a crafted RTPS submessage whose length field triggers the integer underflow in Connext Micro's core parsing routines. The resulting buffer over-read leaks adjacent process memory back to the attacker - potentially including DDS keys, sensor payloads, or other secrets - and may crash the participant, disrupting real-time control. …
Remediation Upgrade RTI Connext Micro to version 4.3.0 or later, which is the first release outside the vulnerable 4.0.0-4.2.x range per the vendor advisory at https://www.rti.com/vulnerabilities/#cve-2026-30803. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Inventory all systems running RTI Connext Micro 4.0.0-4.2.x; assess network accessibility and business criticality of each deployment. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-30803 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy