Lucene search
K
NasaCore Flight System

8 matches found

CVE
CVE
added 2025/03/25 12:0 a.m.82 views

CVE-2025-25372

CVE-2025-25372 affects NASA cFS (Core Flight System) Aquila. A malicious telecommand can trigger a segmentation fault in the Memory Management Module, potentially causing memory corruption and availability impact. The NVD entry lists CVSSv3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (base 7.5, HIGH)....

7.5CVSS7.1AI score0.00458EPSS
CVE
CVE
added 2025/03/25 12:0 a.m.79 views

CVE-2025-25374

Technical details about CVE-2025-25374 are not publicly available in the provided connected documents. Monitor for updates if more specifics on affected products, impact, and fixes are released.

7.5CVSS7AI score0.00503EPSS
CVE
CVE
added 2025/03/25 12:0 a.m.70 views

CVE-2025-25371

CVE-2025-25371 affects NASA cFS Core Flight System Aquila OSAL module, with a path traversal vulnerability that can override arbitrary files. The impact is confidentiality loss (C:H) per CVSS, but exploitation details are not provided in the connected documents. No remediation details are present...

7.5CVSS7.2AI score0.00572EPSS
CVE
CVE
added 2025/03/25 12:0 a.m.62 views

CVE-2025-25373

The CVE-2025-25373 entry concerns the Memory Management Module of NASA cFS (Core Flight System) Aquila, which has insecure permissions that can be exploited to achieve remote code execution on the platform. The vulnerability impacts the Aquila component and its memory management functions as desc...

9.8CVSS7.3AI score0.00483EPSS
CVE
CVE
added 2026/04/03 5:0 p.m.28 views

CVE-2026-5474

CVE-2026-5474 affects NASA cFS up to 7.0.0. The vulnerability is in CFE_MSG_GetSize (file apps/to_lab/fsw/src/to_lab_passthru_encode.c, CCSDS Packet Header Handler) and results in a heap-based buffer overflow when manipulated. Exploitation requires local network access. Multiple sources (NVD, Red...

8.8CVSS7AI score0.00374EPSS
CVE
CVE
added 2026/04/03 4:30 p.m.17 views

CVE-2026-5473

CVE-2026-5473 affects NASA cFS (up to 7.0.0). The vulnerable element is the Pickle Module’s pickle.load, enabling deserialization. The attack is local, requires a high level of complexity, and exploitation is deemed difficult. Public disclosure exists, and the project was informed via an issue bu...

7CVSS5AI score0.00223EPSS
CVE
CVE
added 2026/04/03 5:30 p.m.13 views

CVE-2026-5476

CVE-2026-5476 affects NASA cFS up to 7.0.0 on 32-bit. The vulnerability is in CFE_TBL_ValidateCodecLoadSize (cfe/modules/tbl/fsw/src/cfe_tbl_passthru_codec.c) and is caused by an integer overflow. The documented attack complexity is high and exploitability is described as difficult. A fix is plan...

4.6CVSS5.5AI score0.00209EPSS
CVE
CVE
added 2026/04/03 5:15 p.m.9 views

CVE-2026-5475

NASA cFS up to 7.0.0 contains a memory corruption vulnerability in the CCSDS Header Size Handler. The affected function is CFE_SB_TransmitMsg in cfe_sb_priv.c, within the CCSDS Header Size Handler component. The issue is triggered by a manipulation of input leading to memory corruption. The CVE e...

5.5CVSS6AI score0.00218EPSS