Cryptolib Security Vulnerabilities and Issues — Cryptolib CVE List

Lucene search

NasaCryptolib

5 matches found

CVE•added 2025/04/01 10:15 p.m.•56 views

CVE-2025-30356

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists ...

9.8CVSS7.6AI score0.0053EPSS

CVE•added 2025/04/27 1:15 a.m.•50 views

CVE-2025-46675

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.

4.2CVSS4.1AI score0.0004EPSS

CVE•added 2025/04/27 1:15 a.m.•49 views

CVE-2025-46673

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).

9.9CVSS5.2AI score0.00061EPSS

CVE•added 2025/04/27 1:15 a.m.•48 views

CVE-2025-46674

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.

9.9CVSS4AI score0.0007EPSS

CVE•added 2025/04/27 1:15 a.m.•39 views

CVE-2025-46672

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.

8.8CVSS4.1AI score0.00046EPSS