Skip to main content

Connext Professional EUVDEUVD-2026-17765

| CVE-2026-4374 HIGH
Improper Restriction of XML External Entity Reference (CWE-611)
2026-04-01 RTI
8.8
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

8
Analysis Updated
Apr 21, 2026 - 00:13 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Apr 21, 2026 - 00:07 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 06:09 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
7.7.0,6.1.,6.0.
EUVD ID Assigned
Apr 01, 2026 - 01:45 euvd
EUVD-2026-17765
Analysis Generated
Apr 01, 2026 - 01:45 vuln.today
CVE Published
Apr 01, 2026 - 01:06 nvd
HIGH 8.8

DescriptionCVE.org

Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...

AnalysisAI

XML External Entity (XXE) injection in RTI Connext Professional routing and service components allows remote unauthenticated attackers to exfiltrate sensitive data and trigger denial of service conditions. Affects multiple product families (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service) across versions 5.3.0 through 7.6.x. CVSS 8.8 (High) with network vector and no authentication required. EPSS probability remains low (0.04%, 11th percentile) with no confirmed active exploitation per CISA. Vendor patch available via RTI advisory.

Technical ContextAI

This vulnerability exploits CWE-611 (Improper Restriction of XML External Entity Reference) in RTI Connext Professional's data distribution service components. XXE attacks occur when XML parsers process external entity references without proper sanitization, allowing attackers to inject malicious entity declarations. The affected components (Routing Service, Observability Collector, Recording Service, Queueing Service, Cloud Discovery Service) are middleware infrastructure services built on RTI's Data Distribution Service (DDS) for real-time systems communication. These services handle XML configuration files and serialized data formats, creating attack surface through XML processing. The truncated description mentions 'Serialized Data External Linking' and 'Data Serializat...' suggesting the vulnerability lies in how these services deserialize or process XML-formatted data streams. DDS implementations are commonly deployed in industrial control systems, medical devices, defense systems, and autonomous vehicles, making XXE exploitation particularly concerning in safety-critical environments.

RemediationAI

Upgrade to patched RTI Connext Professional versions: 7.7.0 or later for the 7.x branch, or version 7.3.1.1 for organizations on the 7.1-7.3 line. RTI has released patches per vendor advisory at https://www.rti.com/vulnerabilities/#cve-2026-4374. For versions 5.3.x, 6.0.x, and 6.1.x branches where no patch version is specified in available data, contact RTI support directly to obtain appropriate updates or migration guidance. If immediate patching is not feasible, implement these compensating controls: disable XML external entity processing in XML parser configurations used by affected services by setting features like disallow-doctype-decl=true and external-general-entities=false (consult RTI documentation for service-specific configuration paths). Restrict network access to affected service ports using firewall rules, limiting connectivity to only trusted DDS peers (trade-off: breaks cloud connectivity for Cloud Discovery Service). Deploy XML input validation proxies to filter entity declarations before data reaches vulnerable services (adds latency and operational complexity). Disable unused service components among the five affected types to reduce attack surface (may impact observability and routing functionality). Monitor XML processing logs for suspicious entity references or parsing errors as potential exploitation indicators. Note that restricting XML entity processing may break legitimate configurations that rely on external entity references for modular configuration management.

CVE-2026-2467 CRITICAL
9.2 Jun 17

Remote heap-based buffer overflow in RTI Connext Professional Core Libraries allows unauthenticated network attackers to

CVE-2026-3894 CRITICAL
9.2 Jun 17

Out-of-bounds read in RTI Connext Professional Core Libraries allows remote unauthenticated attackers to read beyond int

CVE-2024-52057 CRITICAL
9.1 Dec 13

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RTI Connext Profes

CVE-2026-7300 HIGH
8.8 Jun 17

Remote denial of service and partial data exposure in RTI Connext Professional's Web Integration Service results from a

CVE-2025-14543 HIGH
8.8 Apr 30

XML External Entity (XXE) injection in RTI Connext Professional's Core Libraries allows remote unauthenticated attackers

CVE-2024-52058 HIGH
8.6 Dec 13

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in RTI Connext

CVE-2025-10450 HIGH
8.3 Dec 16

Network traffic sniffing in RTI Connext Professional 7.2.0-7.3.0 and 7.4.0-7.6.x exposes private personal information to

CVE-2024-52066 HIGH
8.3 Dec 13

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routin

CVE-2024-52063 HIGH
8.3 Dec 13

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core L

CVE-2024-52061 HIGH
8.3 Dec 13

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core L

CVE-2024-52060 HIGH
8.3 Dec 13

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routin

CVE-2024-25724 HIGH
7.3 May 21

In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Rec

Share

EUVD-2026-17765 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy