HarborGuardharborguardDatabase
Back to search
HIGHCVE-2026-30802Published Modified CNA RTI

CVE-2026-30802: Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.

Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0.

Metrics

CVSS v4.0
8.8
Severity
HIGH
Fixed in
4.3.0
Affected Products
1

Get notified

Email me when this CVE is updated: new fix versions, severity changes, or any record change.

HarborGuard Analysis

Synopsis

An out-of-bounds read vulnerability exists in the Core Libraries of RTI Connext Micro, a middleware library used in embedded and real-time systems. The flaw is reachable over the network with no authentication required, meaning any network-accessible instance running a version between 4.0.0 and 4.3.0 is exposed. Successful exploitation allows an attacker to read memory beyond the intended buffer boundaries and crash the affected service. A patched-image rebuild at version 4.3.0 is available on HarborGuard for environments running an affected version.

HarborGuard Coverage

Detection

Detection is available across every HarborGuard environment: the CVE is ingested from upstream feeds within minutes of publication and matched against all customer images, including custom-built images that bundle the RTI Connext Micro Core Libraries. Any image carrying a version from 4.0.0 up to but not including 4.3.0 is flagged automatically.

Available
Triage

HarborGuard scores this finding at CVSS 8.8 HIGH using the published v4.0 vector and weighs it against each environment's compliance policy to determine urgency and routing. The finding is then delivered to the appropriate team inbox within the customer organization based on ownership rules configured for that environment.

Available
Patch

A patched-image rebuild based on RTI Connext Micro 4.3.0 is available on HarborGuard for any environment where an affected image is detected. For customers who have opted into auto-remediation, HarborGuard performs the rebuild, runs a regression test suite against it, and opens a pull request against affected workloads automatically.

Available

Exploit Conditions

  • Network reachabilityRequired

    The vulnerable service must be reachable over the network; an attacker sends specially crafted input to the exposed endpoint without any need for a foothold on the host.

  • AuthenticationNot required

    No credentials or session token are needed; the attacker can interact with the service as an unauthenticated party.

  • Victim interactionNot required

    No user or operator action is required to trigger the vulnerability; the attacker drives the entire exploit remotely.

  • Attack complexityDetail

    Attack complexity is low, meaning the exploit is reliable and does not depend on race conditions, memory layout randomization, or other environmental preconditions.

Blast Radius

  • An attacker reads memory contents beyond the intended buffer boundary, which exposes fragments of in-process data such as message payloads or internal state.
  • Confidentiality impact is partial (VC:L): the attacker gains limited read access to memory but does not obtain full control over what is disclosed.
  • The affected service crashes due to the invalid memory access (VA:H), causing a denial of service for any system or device depending on the Connext Micro middleware.
  • Data integrity and downstream systems are not affected by this exploit path based on the published CVSS vector.

How HarborGuard Handles This

Available on HarborGuard: detection for this CVE is active and matches against all scanned images the moment the advisory is ingested, with no manual configuration required. Where a customer's images contain RTI Connext Micro versions from 4.0.0 up to 4.3.0, a rebuilt image pinned to the fixed version 4.3.0 is made available. For customers who opt into auto-remediation, the typical flow for a HIGH-severity CVE involves a rebuilt image, an automated regression run, and a pull request opened against affected workloads, with a median time from CVE publication to merged patch PR of around 90 minutes in environments with auto-remediation enabled. Customers who manage remediation manually can retrieve the flagged findings and the 4.3.0 rebuild reference from the HarborGuard dashboard to act on their own schedule. Given the network-accessible, no-authentication nature of this flaw and the high availability impact, prioritizing the upgrade to 4.3.0 is advisable, particularly for any Connext Micro instances exposed outside a trusted network segment.

See how HarborGuard automates this

Fix available

4.3.0
Affected packages
  • RTI / Connext Micro
    < 4.3.0 (from 4.0.0)
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
References