Below are known issues in Vortex Cafe. See this article for Fixed Bugs and Changes in Vortex Cafe.
When using DDS Security, activating only some RTPS protection but no data nor metadata protection does not prevent write privileges escalation.
When rtps_protection_kind is set to SIGN, ENCRYPT, SIGN_WITH_ORIGIN_AUTHENTICATION or ENCRYPT_WITH_ORIGIN_AUTHENTICATION, the whole RTPS messages are signed or encrypted. But, if no data_protection nor metadata_protection is activated, a malicious process with some certificates but limited write access could
Authenticate with other participants.
Retrieve the GUID of a remote RTPS writer that has write access to some topics.
Send non signed nor encrypted RTPS messages containing malicious data and using the GUID of the allowed writer. Cafe will not be able to check the source of the message and accept the data.
If some data_protection or metadata_protection is activated, Cafe will perform the proper checks and reject any received unsecured messages that should have been secured.