RTI Connext Professional CVE-2026-7300
HIGHSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Web Integration Service is network-reachable with no auth or user interaction; overflow yields a service crash (A:H) with limited memory disclosure/corruption (C:L/I:L), no scope change.
Primary rating from Vendor (RTI).
CVSS VectorVendor: RTI
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7.*, from 7.0.0 before 7.3.1.3, from 6.1.2 before 6.1.*.
AnalysisAI
Remote denial of service and partial data exposure in RTI Connext Professional's Web Integration Service results from a classic buffer overflow (CWE-120) reachable over the network without authentication. Versions 7.4.0 before 7.x, 7.0.0 before 7.3.1.3, and 6.1.2 before 6.1.x are vulnerable, and no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires network reachability to the RTI Connext Professional Web Integration Service component specifically - deployments that do not enable or expose the Web Integration Service are not exploitable through this flaw. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector AV:N/AC:L/AT:N/PR:N/UI:N indicates a fully remote, unauthenticated, low-complexity attack with no user interaction - the highest-exposure precondition profile. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach the Web Integration Service over the network sends a single crafted HTTP or WebSocket request containing an oversized field that bypasses the input filter and overflows a fixed-size buffer in the parsing routine. The Web Integration Service crashes, severing the bridge between DDS topics and web clients and disrupting real-time data flow to operator dashboards or downstream consumers; no public exploit identified at time of analysis, so this remains a theoretical chain pending vendor or third-party PoC release. |
| Remediation | Upgrade RTI Connext Professional to 7.3.1.3 or later on the 7.0-7.3 branch, and to the fixed 6.1.x or 7.4.x maintenance release as published by RTI per https://www.rti.com/vulnerabilities/#cve-2026-7300 (Vendor-released patch: 7.3.1.3 for the 7.0-7.3 line; consult the advisory for exact 6.1.x and 7.4.x fix builds). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems running RTI Connext Professional versions 7.0.0 through 7.3.1.2, 6.1.2, and earlier; enable detailed logging for Web Integration Service access. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Connext Professional
View allRemote heap-based buffer overflow in RTI Connext Professional Core Libraries allows unauthenticated network attackers to
Out-of-bounds read in RTI Connext Professional Core Libraries allows remote unauthenticated attackers to read beyond int
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Profes
XML External Entity (XXE) injection in RTI Connext Professional's Core Libraries allows remote unauthenticated attackers
XML External Entity (XXE) injection in RTI Connext Professional routing and service components allows remote unauthentic
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext
Network traffic sniffing in RTI Connext Professional 7.2.0-7.3.0 and 7.4.0-7.6.x exposes private personal information to
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routin
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core L
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core L
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routin
In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Rec
Same weakness CWE-120 – Classic Buffer Overflow
View allSame technique Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today