rti CVE Vulnerabilities & Metrics

Focus on rti vulnerabilities and metrics.

Last updated: 29 Jun 2025, 22:25 UTC

About rti Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with rti. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total rti CVEs: 7
Earliest CVE date: 05 May 2022, 17:15 UTC
Latest CVE date: 08 May 2025, 09:15 UTC

Latest CVE reference: CVE-2025-1254

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 3

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): -100.0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): -100.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical rti CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 3.3

Max CVSS: 7.5

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	3
4.0-6.9	3
7.0-8.9	1
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS rti CVEs

These are the five CVEs with the highest CVSS scores for rti, sorted by severity first and recency.

CVE-2021-38435 rti Published on 05 May 2022, 17:15 UTC (CVSS: 7.5)
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow.
CVE-2021-38487 rti Published on 05 May 2022, 17:15 UTC (CVSS: 6.4)
RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.
CVE-2021-38433 rti Published on 05 May 2022, 17:15 UTC (CVSS: 4.6)
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.
CVE-2021-38427 rti Published on 05 May 2022, 17:15 UTC (CVSS: 4.6)
RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.
CVE-2025-1254 rti Published on 08 May 2025, 09:15 UTC (CVSS: 0)
Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1.2.23.

All CVEs for rti

CVE-2025-1254 rti vulnerability CVSS: 0 08 May 2025, 09:15 UTC

Out-of-bounds Read, Out-of-bounds Write vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 6.0.0 before 6.1.2.23.

CVE-2025-1253 rti vulnerability CVSS: 0 08 May 2025, 09:15 UTC

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.5 before 6.1.2.23.

CVE-2025-1252 rti vulnerability CVSS: 0 08 May 2025, 09:15 UTC

Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before 7.3.0.7, from 4.4 before 6.1.2.23.

CVE-2021-38487 rti vulnerability CVSS: 6.4 05 May 2022, 17:15 UTC

RTI Connext Professional versions 4.1 to 6.1.0, and Connext Micro versions 2.4 and later are vulnerable when an attacker sends a specially crafted packet to flood target devices with unwanted traffic. This may result in a denial-of-service condition and information exposure.

CVE-2021-38435 rti vulnerability CVSS: 7.5 05 May 2022, 17:15 UTC

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow.

CVE-2021-38433 rti vulnerability CVSS: 4.6 05 May 2022, 17:15 UTC

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.

CVE-2021-38427 rti vulnerability CVSS: 4.6 05 May 2022, 17:15 UTC

RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code.