Cyber Posture

CVE-2025-29909

Critical · Public PoC

Published: 17 March 2025
Modified: 30 April 2025
KEV Added:
Patch:
CVSS Score: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.1595 (94.8th percentile)
Risk Priority: 29 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Description

Heap buffer overflow in the `Crypto_TC_ApplySecurity()` function of NASA CryptoLib (versions 1.3.3 and prior, per the vendor advisory). A specially crafted Telecommand (TC) frame causes out-of-bounds memory writes, resulting in denial of service or, under certain conditions, remote code execution. Fixed in commit c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc.

Security Summary

CVE-2025-29909 is a heap buffer overflow in CryptoLib versions 1.3.3 and prior. The assigned weaknesses, CWE-191 (Integer Underflow) and CWE-787 (Out-of-bounds Write), indicate a length computation that wraps and then drives a write past the end of a heap buffer. CryptoLib is a software-only library that implements the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between spacecraft running NASA's core Flight System (cFS) and ground stations. The issue resides in the `Crypto_TC_ApplySecurity()` function, where processing a specially crafted Telecommand (TC) frame triggers out-of-bounds memory writes.

The vulnerability is exploitable over the network by unauthenticated attackers with low attack complexity and no user interaction, as reflected in its CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Any deployment that feeds TC frames from untrusted or less-trusted sources into an unpatched CryptoLib is exposed, including satellite ground station and mission control software; the network vector assumes that the frame-ingestion path is reachable by the attacker. Successful exploitation can cause denial of service (DoS) through crashes or, under certain conditions, remote code execution (RCE) via controlled memory corruption.

Mitigation is available via a patch in CryptoLib commit c7e8a8745ff4b5e9bd7e500e91358e86d5abedcc. Security advisories, including GHSA-q2pc-c3jx-3852 on the NASA CryptoLib GitHub repository, provide further details on the fix and affected configurations. Note that the advisory scopes the issue to versions 1.3.3 and prior, while the affected-product entry below lists ≤ 1.4.0; confirm that the fix commit is present in the build you ship rather than relying on the version string alone. Practitioners should update to a patched version and validate TC frame length fields against the bytes actually received before they are used to size any buffer or copy.
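The bug class the advisory describes, shown as an added illustration that is not CryptoLib's code and does not reproduce the actual CryptoLib defect: a toy TC frame handler in C that derives a payload length from the frame's declared length field. The CCSDS TC primary header layout (5 octets, 10-bit frame length field holding total octets minus one) is the standard one; the segment header, security header and FECF sizes, the function names and the constructed frames are assumptions for this example. `payload_len_unchecked()` shows the CWE-191 pattern, where a declared length below the fixed overhead wraps in unsigned arithmetic to a value that would size an out-of-bounds write (CWE-787); `payload_len_checked()` and `apply_security_hardened()` show the validation the mitigation paragraph calls for.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* CCSDS TC Transfer Frame primary header (CCSDS 232.0-B): 5 octets, with a 10-bit
 * frame length field in octets 2-3 holding (total frame octets - 1). The segment
 * header, security header and FECF sizes are assumptions, not CryptoLib constants. */
#define TC_PRIMARY_HDR_LEN 5u
#define TC_SEGMENT_HDR_LEN 1u
#define SEC_HDR_LEN        6u     /* assumed: 2-octet SPI + 4-octet IV/ARSN */
#define TC_FECF_LEN        2u
#define TC_MAX_FRAME_LEN   1024u  /* 10-bit field, plus one */
#define FIXED_OVERHEAD (TC_PRIMARY_HDR_LEN + TC_SEGMENT_HDR_LEN + SEC_HDR_LEN + TC_FECF_LEN)

/* Total frame length as declared by the header: field value + 1. */
static uint16_t tc_frame_length(const uint8_t *hdr)
{
    return (uint16_t)(((((uint16_t)(hdr[2] & 0x03u)) << 8) | hdr[3]) + 1u);
}

/* Vulnerable pattern (CWE-191 feeding CWE-787): the fixed overhead is subtracted
 * from an attacker-controlled length in unsigned arithmetic with no range check.
 * A declared length below FIXED_OVERHEAD wraps to roughly 65500, and that value
 * would then size a memcpy into a heap buffer allocated for a sane frame.
 * Only the wrapped length is returned here; no copy is performed. */
uint16_t payload_len_unchecked(const uint8_t *frame)
{
    uint16_t fl = tc_frame_length(frame);
    return (uint16_t)(fl - FIXED_OVERHEAD);
}

/* Hardened: reject before subtracting. The declared length must match the octets
 * actually received and must cover the fixed overhead. Returns -1 on rejection. */
int payload_len_checked(const uint8_t *frame, size_t frame_buf_len)
{
    if (frame == NULL || frame_buf_len < TC_PRIMARY_HDR_LEN) return -1;
    uint16_t fl = tc_frame_length(frame);
    if (fl > TC_MAX_FRAME_LEN || fl != frame_buf_len) return -1;
    if (fl < FIXED_OVERHEAD) return -1;          /* the underflow case */
    return (int)(fl - FIXED_OVERHEAD);
}

/* Hardened copy: length validated and bounded by the destination before memcpy
 * touches memory. Returns payload octets copied, or -1. */
int apply_security_hardened(const uint8_t *frame, size_t frame_buf_len,
                            uint8_t *out, size_t out_len)
{
    int plen = payload_len_checked(frame, frame_buf_len);
    if (plen < 0 || (size_t)plen > out_len) return -1;
    memcpy(out, frame + TC_PRIMARY_HDR_LEN + TC_SEGMENT_HDR_LEN, (size_t)plen);
    return plen;
}

/* Constructed test frame (not captured traffic): Type-B bypass frame, SCID 0x42,
 * VCID 1, filler payload. declared_len is what the header claims; actual_len is
 * how many octets are really placed in buf, so the two can be made to disagree. */
size_t build_frame(uint8_t *buf, size_t buf_len, uint16_t declared_len, size_t actual_len)
{
    if (declared_len == 0 || declared_len > TC_MAX_FRAME_LEN ||
        actual_len < TC_PRIMARY_HDR_LEN || actual_len > buf_len) return 0;
    uint16_t fl_field = (uint16_t)(declared_len - 1u);
    memset(buf, 0xA5, actual_len);
    buf[0] = 0x20;                                   /* ver 0, bypass 1, ctrl 0, SCID hi 00 */
    buf[1] = 0x42;                                   /* SCID low octet */
    buf[2] = (uint8_t)((1u << 2) | (fl_field >> 8)); /* VCID 1, frame length high bits */
    buf[3] = (uint8_t)(fl_field & 0xFFu);            /* frame length low octet */
    buf[4] = 0x00;                                   /* frame sequence number */
    return actual_len;
}

/* 8 octets declared and delivered: below the fixed overhead, so the unchecked
 * computation wraps (8 - 14 -> 65530) while the checked one rejects the frame. */
unsigned demo_unchecked_short(void)
{
    uint8_t f[16]; (void)build_frame(f, sizeof f, 8, 8); return payload_len_unchecked(f);
}
int demo_checked_short(void)
{
    uint8_t f[16]; (void)build_frame(f, sizeof f, 8, 8); return payload_len_checked(f, 8);
}
/* Header claims 64 octets but only 32 arrived: the length lie is rejected. */
int demo_checked_mismatch(void)
{
    uint8_t f[64]; (void)build_frame(f, sizeof f, 64, 32); return payload_len_checked(f, 32);
}
/* Well-formed 64-octet frame: 64 - 14 = 50 payload octets copied. */
int demo_hardened_valid(void)
{
    uint8_t f[64], out[64]; (void)build_frame(f, sizeof f, 64, 64);
    return apply_security_hardened(f, 64, out, sizeof out);
}

int main(void)
{
    printf("unchecked, short frame : %u\n", demo_unchecked_short());
    printf("checked,   short frame : %d\n", demo_checked_short());
    printf("checked,   length lie  : %d\n", demo_checked_mismatch());
    printf("hardened,  valid frame : %d\n", demo_hardened_valid());
    return 0;
}
```

Build with `cc -std=c11 -Wall` and run. The wrapped length from the first case is the value that, passed to `memcpy` against a buffer sized for a genuine frame, becomes the heap overflow. Two checks matter in the hardened path: the declared length must be at least the fixed overhead before any subtraction, and it must equal the number of octets actually in hand, because validating a header only against itself still lets a short buffer be read and a long copy be written.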

Details

CWE(s): CWE-191 (Integer Underflow), CWE-787 (Out-of-bounds Write)

Affected Products

nasa / cryptolib: ≤ 1.4.0

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes a remotely exploitable (AV:N, PR:N) heap buffer overflow in CryptoLib's TC frame processing that yields RCE or DoS in ground station and mission control software. A network-reachable frame-ingestion service running unpatched CryptoLib is the public-facing application that T1190 covers.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
