CVE-2025-1254

Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42.

CVSS v3 7.4 HIGH

7.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.rti.com/vulnerabilities/#cve-2025-1254	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:rti:connext_professional::::::::
	cpe:2.3:a:rti:connext_professional::::::::
	cpe:2.3:a:rti:connext_professional::::::::
	cpe:2.3:a:rti:connext_professional::::::::

History

31 Jul 2025, 14:15

Type	Values Removed	Values Added
Summary	(en) Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1.2.23.	(en) Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Recording Service) allows Overflow Buffers, Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.1.0 before 6.1.2.23, from 6.0.0 before 6.0.1.42.

05 Jun 2025, 14:30

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.4
First Time		Rti connext Professional Rti
Summary		(es) La vulnerabilidad de lectura fuera de los límites y escritura fuera de los límites en RTI Connext Professional (Core Libraries) permite búferes de sobrelectura y búferes de desbordamiento. Este problema afecta a Connext Professional: desde la versión 7.4.0 hasta la 7.5.0, desde la versión 7.0.0 hasta la 7.3.0.7 y desde la versión 6.0.0 hasta la 6.1.2.23.
CPE		cpe:2.3:a:rti:connext_professional::::::::
References	~~() https://www.rti.com/vulnerabilities/#cve-2025-1254 -~~	() https://www.rti.com/vulnerabilities/#cve-2025-1254 - Vendor Advisory

08 May 2025, 09:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-08 09:15

Updated : 2025-07-31 14:15

NVD link : CVE-2025-1254

Mitre link : CVE-2025-1254

CVE.ORG link : CVE-2025-1254

JSON object : View

Products Affected

rti

connext_professional

CWE

CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

7.4 /10