CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-54878 – Heap Buffer Overflow in NASA CryptoLib 1.4.0 `Crypto_TC_Check_IV_Setup`
https://notcve.org/view.php?id=CVE-2025-54878
11 Aug 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A heap buffer overflow vulnerability exists in NASA CryptoLib version 1.4.0 and prior in the IV setup logic for telecommand frames. The problem arises from missing bounds checks when copying the Initialization Vector (IV) into a freshly allocated buffer. An attacker can supply a c... • https://github.com/nasa/CryptoLib/commit/9b5b294ec09da450d2d4d05aea2db604ead48be1 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46673
https://notcve.org/view.php?id=CVE-2025-46673
27 Apr 2025 — NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS). • https://github.com/nasa/CryptoLib/compare/v1.3.0...v1.3.1 • CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46674
https://notcve.org/view.php?id=CVE-2025-46674
27 Apr 2025 — NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle. • https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2 • CWE-489: Active Debug Code •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46675
https://notcve.org/view.php?id=CVE-2025-46675
27 Apr 2025 — In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking. • https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2 • CWE-913: Improper Control of Dynamically-Managed Code Resources •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46672
https://notcve.org/view.php?id=CVE-2025-46672
27 Apr 2025 — NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking. • https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2 • CWE-252: Unchecked Return Value •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30356 – Heap Buffer Overflow via Incomplete Length Check in `Crypto_TC_ApplySecurity`
https://notcve.org/view.php?id=CVE-2025-30356
01 Apr 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In 1.3.3 and earlier, a heap buffer overflow vulnerability persists in the Crypto_TC_ApplySecurity function due to an incomplete validation check on the fl (frame length) field. Although CVE-2025-29912 addressed an underflow issue involving fl, the patch fails to fully prevent uns... • https://github.com/nasa/CryptoLib/commit/59d1bce7608c94c6131ef4877535075b0649799c • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 9.7EPSS: 3%CPEs: 1EXPL: 1CVE-2025-30216 – CryptoLib Has Heap Overflow in Crypto_TM_ProcessSecurity due to Unchecked Secondary Header Length
https://notcve.org/view.php?id=CVE-2025-30216
25 Mar 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overf... • https://github.com/oliviaisntcringe/CVE-2025-30216-PoC • CWE-122: Heap-based Buffer Overflow •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29913 – CryptoLib's Crypto_TC_Prep_AAD Has Buffer Overflow Due to Integer Underflow
https://notcve.org/view.php?id=CVE-2025-29913
17 Mar 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_TC_Prep_AAD` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a maliciousl... • https://github.com/nasa/CryptoLib/security/advisories/GHSA-q4v2-fvrv-qrf6 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 8.9EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29912 – CryptoLib Has Heap Buffer Overflow Due to Unsigned Integer Underflow in Crypto_TC_ProcessSecurity
https://notcve.org/view.php?id=CVE-2025-29912
17 Mar 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes th... • https://github.com/nasa/CryptoLib/commit/ca39cb96f21e76102aefb956d2c8c0ba0bd143ca • CWE-122: Heap-based Buffer Overflow CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2025-29911 – CryptoLib Has Heap Buffer Overflow in Crypto_AOS_ProcessSecurity Function
https://notcve.org/view.php?id=CVE-2025-29911
17 Mar 2025 — CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. A critical heap buffer overflow vulnerability was identified in the `Crypto_AOS_ProcessSecurity` function of CryptoLib versions 1.3.3 and prior. This vulnerability allows an attacker to trigger a Denial of Service (DoS) or potentially execute arbitrary code (RCE) by providing a ma... • https://github.com/nasa/CryptoLib/security/advisories/GHSA-7g6g-9gj4-8c68 • CWE-122: Heap-based Buffer Overflow •