Description
Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers. This issue affects Connext Micro: from 4.0.0 before 4.3.0.
Published: 2026-06-17
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability enables an attacker to read memory beyond the boundary of a buffer within RTI Connext Micro’s core libraries. Because the offending read accesses data stored adjacent to the intended buffer, sensitive information that resides in that memory area may be exposed. The weakness is classified as CWE‑125, a classic out‑of‑bounds read flaw that results in unintended information disclosure.

Affected Systems

The affected product is RTI Connext Micro. All releases from 4.0.0 up to, but not including, 4.3.0 contain the vulnerable code. Deployments that have not applied the patch or upgraded to a newer release are potentially impacted.

Risk and Exploitability

The CVSS score of 8.8 signals high severity, but the EPSS score of less than 1% indicates a low likelihood of exploitation in the immediate future. Because it is not listed in CISA’s KEV catalog, no widespread exploitation has been observed. The available data does not detail specific attack conditions. The likely attack vector, inferred from the vulnerability’s nature, would involve an application with local or embedded access that can trigger the overread, while remote exploitation requires additional context that is not specified.

Generated by OpenCVE AI on June 18, 2026 at 21:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to RTI Connext Micro version 4.3.0 or later, which contains the fixed core library code.
  • If an upgrade cannot be performed immediately, review all custom code paths that access the vulnerable buffer and add explicit bounds checks to prevent reads beyond the buffer’s limits.
  • Apply operating‑system or application‑level memory protection mechanisms, such as address space layout randomization and stack protection, to reduce the visibility of any memory that is over‑read at runtime.


Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Values Added (the Values Removed column is empty), by Type:

  • Description: Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers. This issue affects Connext Micro: from 4.0.0 before 4.3.0.
  • Title: Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.
  • First Time appeared: Rti; Rti connext Micro
  • Weaknesses: CWE-125
  • CPEs: cpe:2.3:a:rti:connext_micro:*:*:*:*:*:*:*:*
  • Vendors & Products: Rti; Rti connext Micro
  • References:
  • Metrics: cvssV4_0 {'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N'}
  • Metrics: ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

MITRE

Status: PUBLISHED

Assigner: RTI

Published:

Updated: 2026-06-17T17:58:42.143Z

Reserved: 2026-03-05T14:43:37.192Z

Link: CVE-2026-30802

Vulnrichment

Updated: 2026-06-17T17:58:38.260Z

NVD

No data.

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T21:30:16Z
