In RTI Connext Professional 5.3.1 through 6.1.0 before 6.1.1, a buffer overflow in XML parsing from Routing Service, Recording Service, Queuing Service, and Cloud Discovery Service allows attackers to execute code with the affected service's privileges, compromise the service's integrity, leak sensitive information, or crash the service. These attacks could be done via a remote malicious RTPS message; a compromised call with malicious parameters to the RTI_RoutingService_new, rti::recording::Service, RTI_QueuingService_new, or RTI_CDS_Service_new public APIs; or a compromised local file system containing a malicious XML file.
                
            Metrics
Affected Vendors & Products
References
        History
                    Tue, 21 Oct 2025 11:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Rti connext Professional | |
| CPEs | cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:* cpe:2.3:a:rti:connext_professional:6.1.0:*:*:*:*:*:*:* | |
| Vendors & Products | Rti connext Professional | 
Sat, 12 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | epss 
 | epss 
 | 
Thu, 13 Feb 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Rti Rti connext Dds Professional | |
| CPEs | cpe:2.3:a:rti:connext_dds_professional:5.3.1:*:*:*:*:*:*:* | |
| Vendors & Products | Rti Rti connext Dds Professional | |
| Metrics | ssvc 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2025-08-27T15:41:02.700Z
Reserved: 2024-02-11T00:00:00.000Z
Link: CVE-2024-25724
 Vulnrichment
                        Vulnrichment
                    Updated: 2024-08-01T23:52:06.271Z
 NVD
                        NVD
                    Status : Analyzed
Published: 2024-05-21T19:15:09.557
Modified: 2025-10-21T11:34:59.940
Link: CVE-2024-25724
 Redhat
                        Redhat
                    No data.