{"cve":{"cve_id":"CVE-2024-52060","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00309,"epss_percentile":0.22417,"epss_as_of":"2026-06-23","description":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service) allows Buffer Overflow via Environment Variables.This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.1.45.","published_at":"2024-12-13T10:19:22.641000Z","last_modified_at":null,"cvss_v3_score":null,"cvss_v3_vector":null,"cvss_v3_severity":null,"cvss_v4_score":8.3,"cvss_v4_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N","cvss_v4_severity":"HIGH","ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":true,"ssvc_technical_impact":"partial","cwes":["CWE-120"],"nvd_references":["https://www.rti.com/vulnerabilities/#cve-2024-52060"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:14:17.967686Z"},"effective_severity":"HIGH","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":null,"metrics":[]},"cvss_v4_decoded":{"version":"4.0","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"AT","name":"Attack Requirements","value":"P","value_label":"Present"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"VC","name":"Confidentiality (Vulnerable System)","value":"N","value_label":"None"},{"metric":"VI","name":"Integrity (Vulnerable System)","value":"H","value_label":"High"},{"metric":"VA","name":"Availability (Vulnerable System)","value":"L","value_label":"Low"},{"metric":"SC","name":"Confidentiality (Subsequent System)","value":"N","value_label":"None"},{"metric":"SI","name":"Integrity (Subsequent System)","value":"N","value_label":"None"},{"metric":"SA","name":"Availability (Subsequent System)","value":"N","value_label":"None"}]},"affected":[{"vendor_slug":"rti","vendor_name":"RTI","product_slug":"connext-professional","product_name":"Connext Professional","version_start":"7.0.0","version_start_inclusive":true,"version_end":"7.3.0.5","version_end_inclusive":false,"cpe23_uri":"cve5:rti:connext-professional:7.0.0:7.3.0.5"},{"vendor_slug":"rti","vendor_name":"RTI","product_slug":"connext-professional","product_name":"Connext Professional","version_start":"6.1.0","version_start_inclusive":true,"version_end":"6.1.2.21","version_end_inclusive":false,"cpe23_uri":"cve5:rti:connext-professional:6.1.0:6.1.2.21"},{"vendor_slug":"rti","vendor_name":"RTI","product_slug":"connext-professional","product_name":"Connext Professional","version_start":"6.0.0","version_start_inclusive":true,"version_end":"6.0.1.40","version_end_inclusive":false,"cpe23_uri":"cve5:rti:connext-professional:6.0.0:6.0.1.40"},{"vendor_slug":"rti","vendor_name":"RTI","product_slug":"connext-professional","product_name":"Connext Professional","version_start":"5.3.0","version_start_inclusive":true,"version_end":"5.3.1.45","version_end_inclusive":false,"cpe23_uri":"cve5:rti:connext-professional:5.3.0:5.3.1.45"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2024-52060","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-12-13T10:19:22.641000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:38:52.457228Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:38:52.457228Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:38:52.457228Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:14:17.967686Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:14:17.967686Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:14:17.967686Z","label":"SSVC decision revised","source":"vulnrichment"}]}