Browse all 25 CVE security advisories affecting RTI. AI-powered Chinese analysis, POCs, and references for each vulnerability.
RTI, primarily known for its Real-Time Publish-Subscribe (DDS) middleware, facilitates critical data exchange in aerospace, defense, and industrial automation sectors. With twenty-five recorded Common Vulnerabilities and Exposures, the software has historically exhibited significant security flaws, predominantly involving remote code execution and cross-site scripting. These vulnerabilities often stem from insufficient input validation and improper access controls within the communication protocols. Notably, several incidents have highlighted risks related to privilege escalation, allowing unauthorized users to gain elevated system access. The complexity of DDS implementations frequently exacerbates these issues, as misconfigurations can expose sensitive operational data to external threats. While essential for real-time systems, the middleware’s security posture requires rigorous patching and strict network segmentation to mitigate the potential for exploitation in high-stakes environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-38435 | RTI Connext DDS Professional and Connext DDS Secure Incorrect Calculation of Buffer Size — Connext DDS ProfessionalCWE-131 | 6.6 | Medium | 2022-05-05 |
| CVE-2021-38433 | RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow — Connext DDS ProfessionalCWE-121 | 6.6 | Medium | 2022-05-05 |
| CVE-2021-38427 | RTI Connext DDS Professional and Connext DDS Secure Stack-based Buffer Overflow — Connext DDS ProfessionalCWE-121 | 6.6 | Medium | 2022-05-05 |
This page lists every published CVE security advisory associated with RTI. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.