Nasa

Cryptolib

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-64096

Exploit
  • EPSS 0.22%
  • Veröffentlicht 30.10.2025 17:15:40
  • Zuletzt bearbeitet 11.11.2025 01:53:25

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prier to 1.4.2, the...

7.8

CVE-2025-59534

Exploit
  • EPSS 0.04%
  • Veröffentlicht 23.09.2025 19:15:41
  • Zuletzt bearbeitet 08.10.2025 17:41:50

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1....

8.6

CVE-2025-54878

Exploit
  • EPSS 0.12%
  • Veröffentlicht 11.08.2025 21:15:28
  • Zuletzt bearbeitet 27.08.2025 14:06:13

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overf...

4.2

CVE-2025-46675

Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.04.2025 01:15:44
  • Zuletzt bearbeitet 12.05.2025 19:34:47

In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.

9.9

CVE-2025-46674

Medienbericht Exploit
  • EPSS 0.06%
  • Veröffentlicht 27.04.2025 01:15:44
  • Zuletzt bearbeitet 29.05.2025 14:02:03

NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.

9.9

CVE-2025-46673

Medienbericht Exploit
  • EPSS 0.06%
  • Veröffentlicht 27.04.2025 01:15:44
  • Zuletzt bearbeitet 29.05.2025 14:02:33

NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).

8.8

CVE-2025-46672

Medienbericht Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.04.2025 01:15:44
  • Zuletzt bearbeitet 29.05.2025 15:48:16

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.

9.8

CVE-2025-30356

Exploit
  • EPSS 0.15%
  • Veröffentlicht 01.04.2025 22:15:21
  • Zuletzt bearbeitet 29.04.2025 14:20:48

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlie...

9.1

CVE-2025-30216

Exploit
  • EPSS 5.63%
  • Veröffentlicht 25.03.2025 19:22:22
  • Zuletzt bearbeitet 06.05.2025 19:34:21

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 a...

9.8

CVE-2025-29913

Exploit
  • EPSS 0.45%
  • Veröffentlicht 17.03.2025 22:50:49
  • Zuletzt bearbeitet 07.05.2025 20:41:34

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buf...