CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25371
https://notcve.org/view.php?id=CVE-2025-25371
25 Mar 2025 — NASA cFS (Core Flight System) Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system. • https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25372
https://notcve.org/view.php?id=CVE-2025-25372
25 Mar 2025 — NASA cFS (Core Flight System) Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module. • https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25373
https://notcve.org/view.php?id=CVE-2025-25373
25 Mar 2025 — The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform. • https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment • CWE-732: Incorrect Permission Assignment for Critical Resource •