eProsima Fast RTPS Access Control Plugin Remote Participant Connection Policy Bypass Vulnerability

eProsima Fast RTPS Access Control Plugin Remote Participant Connection Policy Bypass Vulnerability

CVE-2019-15136 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition permissions from remote participant connections, which can lead to policy bypass for a secure Data Distribution Service (DDS) partition.

Learn more about our Web Application Penetration Testing UK.