Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak sensitive information, or crash the service. These attacks could be done via a remote malicious RTPS message; a compromised call with malicious parameters to the RTI_RoutingService_new, rti::recording::Service, RTI_QueuingService_new, or RTI_CDS_Service_new public APIs; or a compromised local file system containing a malicious XML file.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
RTI Connext Professional 安全漏洞
Vulnerability Description
RTI Connext Professional是美国RTI公司的一个专为满足工业物联网 (IIoT) 的苛刻要求而设计的连接平台。 RTI Connext Professional 5.3.1版本至6.1.1之前版本存在安全漏洞,该漏洞源于存在缓冲区溢出,攻击者可以利用受影响服务的权限执行代码,从而导致服务崩溃。
CVSS Information
N/A
Vulnerability Type
N/A