Description
Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.
Published: 2026-06-17
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability is an integer underflow (wrap or wraparound) in the core libraries of RTI Connext Micro that allows overreading of buffer contents. Because the underflow causes the library to read beyond the intended buffer boundary, attackers could potentially read sensitive memory, resulting in information disclosure. The weakness aligns with CWE‑191, which covers integer overflow and underflow errors.

Affected Systems

Affected systems include RTI Connext Micro Core Libraries from version 4.0.0 up to, but not including, 4.3.0. Any deployment running one of these versions is susceptible. The CVE notes only the core libraries, so applications built on top of Connext Micro that rely on these libraries are in risk if they have not updated.

Risk and Exploitability

The CVSS base score is 8.8, indicating a high‑severity flaw. EPSS is below 1 %, suggesting that exploitation probability is low, and the vulnerability is not currently listed in the CISA KEV catalog. Likely attack vectors involve sending crafted data packets to a Connext Micro process over the network; the exploit requires an attacker who can reach the vulnerable instance, possibly through publicly exposed ports or insecure remote access. Until a fix is applied, attackers could use this overread to glean confidential data or disrupt application operation.

Generated by OpenCVE AI on June 18, 2026 at 19:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade RTI Connext Micro to version 4.3.0 or later, which includes the fix for the integer underflow issue.
  • If an immediate upgrade cannot be deployed, isolate the Connext Micro installation behind a firewall or VPN so that only trusted hosts can communicate with it, reducing the attack surface.
  • Enable application‑level logging and monitoring to detect abnormal data traffic that might trigger memory overreads, and investigate any alerts promptly.

Generated by OpenCVE AI on June 18, 2026 at 19:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 18 Jun 2026 04:45:00 +0000

Type Values Removed Values Added
Description Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.
Title Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.
First Time appeared Rti
Rti connext Micro
Weaknesses CWE-191
CPEs cpe:2.3:a:rti:connext_micro:*:*:*:*:*:*:*:*
Vendors & Products Rti
Rti connext Micro
References
Metrics cvssV4_0

{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Subscriptions

Rti Connext Micro
cve-icon MITRE

Status: PUBLISHED

Assigner: RTI

Published:

Updated: 2026-06-17T17:58:17.787Z

Reserved: 2026-03-05T14:43:37.192Z

Link: CVE-2026-30803

cve-icon Vulnrichment

Updated: 2026-06-17T17:58:13.988Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T20:30:05Z

Weaknesses
  • CWE-191

    Integer Underflow (Wrap or Wraparound)