CVE-2025-29911
Published: 17 March 2025
Description
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Security Summary
CryptoLib, a NASA-developed software library implementing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for securing communications between spacecraft running the core Flight System (cFS) and ground stations, contains a critical heap buffer overflow vulnerability in versions 1.3.3 and prior. Identified as CVE-2025-29911, the flaw resides in the `Crypto_AOS_ProcessSecurity` function during processing of the Frame Error Control Field (FECF). The vulnerable code reads from the `p_ingest` buffer at offsets `current_managed_parameters_struct.max_frame_size - 2` and `current_managed_parameters_struct.max_frame_size - 1` without first checking that the input length `len_ingest` meets or exceeds `max_frame_size`, so a received AOS frame shorter than `max_frame_size` causes the access to run past the end of the heap buffer. This issue maps to CWE-122 (Heap-based Buffer Overflow) and CWE-787 (Out-of-bounds Write), with a CVSS v3.1 base score of 9.8.
A remote, unauthenticated attacker (AV:N/AC:L/PR:N/UI:N) can exploit this vulnerability over the network with low complexity and no user interaction by sending a maliciously crafted AOS frame. Successful exploitation reliably triggers a denial of service (DoS), because the heap overflow crashes the process, and may enable remote code execution (RCE) depending on the environment, with high confidentiality, integrity, and availability impacts (C:H/I:H/A:H).
The primary advisory, published on the NASA CryptoLib GitHub repository (GHSA-7g6g-9gj4-8c68), confirms no patched versions exist as of the CVE publication date. Security practitioners should monitor for updates from the repository, implement input validation on AOS frame lengths prior to processing, and consider network segmentation or disabling affected CryptoLib functionality until patches are available.
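The length check the advisory describes as missing, shown as an added example in C. This is not CryptoLib's code: the function and status names (`aos_validate_fecf`, `fecf_scenario`, `FECF_ERR_SHORT_FRAME`) are assumptions, the frame contents are constructed, and the CRC-16 parameters (polynomial 0x1021, initial value 0xFFFF, MSB-first) are assumed to match the CCSDS FECF definition. The point is the ordering: the two FECF bytes at `max_frame_size - 2` and `max_frame_size - 1` are only read after confirming that `len_ingest` actually covers them.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical status codes for this example (not CryptoLib's own). */
enum fecf_status {
    FECF_OK = 0,
    FECF_ERR_PARAMS = -1,       /* max_frame_size cannot hold a 2-byte FECF */
    FECF_ERR_SHORT_FRAME = -2,  /* len_ingest < max_frame_size: reading would run past the buffer */
    FECF_ERR_CRC_MISMATCH = -3  /* frame is long enough but the FECF does not verify */
};

/* CRC-16, polynomial 0x1021, init 0xFFFF, no reflection, no final XOR.
   Assumed to match the CCSDS FECF; treat the parameters as an assumption. */
static uint16_t crc16_ccitt(const uint8_t *data, size_t len)
{
    uint16_t crc = 0xFFFF;
    for (size_t i = 0; i < len; i++) {
        crc ^= (uint16_t)((uint16_t)data[i] << 8);
        for (int b = 0; b < 8; b++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021) : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Bounds-checked FECF validation.  p_ingest is the received frame,
   len_ingest the number of bytes actually received, max_frame_size the
   configured frame length.  The FECF occupies the last two bytes of the
   configured frame, so those offsets are only dereferenced once the
   buffer is known to contain max_frame_size bytes. */
int aos_validate_fecf(const uint8_t *p_ingest, size_t len_ingest, size_t max_frame_size)
{
    if (p_ingest == NULL || max_frame_size < 2)
        return FECF_ERR_PARAMS;

    /* The check the advisory reports as missing: a truncated frame is
       rejected here instead of being read at max_frame_size - 2 / - 1. */
    if (len_ingest < max_frame_size)
        return FECF_ERR_SHORT_FRAME;

    uint16_t received = (uint16_t)(((uint16_t)p_ingest[max_frame_size - 2] << 8)
                                   | p_ingest[max_frame_size - 1]);
    uint16_t computed = crc16_ccitt(p_ingest, max_frame_size - 2);
    return received == computed ? FECF_OK : FECF_ERR_CRC_MISMATCH;
}

/* Fills out[] with constructed payload bytes and appends a valid FECF,
   producing a well-formed frame of exactly max_frame_size bytes. */
static void build_test_frame(uint8_t *out, size_t max_frame_size)
{
    for (size_t i = 0; i + 2 < max_frame_size; i++)
        out[i] = (uint8_t)(0xA0 + i);           /* constructed payload */
    uint16_t crc = crc16_ccitt(out, max_frame_size - 2);
    out[max_frame_size - 2] = (uint8_t)(crc >> 8);
    out[max_frame_size - 1] = (uint8_t)(crc & 0xFF);
}

/* Builds a frame of max_frame_size bytes, optionally flips one payload bit,
   then validates only the first len_ingest bytes of it.  This lets the
   three outcomes (ok, truncated, corrupted) be exercised offline. */
int fecf_scenario(size_t max_frame_size, size_t len_ingest, int corrupt)
{
    uint8_t frame[256];
    if (max_frame_size < 2 || max_frame_size > sizeof frame)
        return FECF_ERR_PARAMS;
    build_test_frame(frame, max_frame_size);
    if (corrupt)
        frame[0] ^= 0x01;
    return aos_validate_fecf(frame, len_ingest, max_frame_size);
}

int main(void)
{
    printf("full frame:       %d\n", fecf_scenario(64, 64, 0));  /* 0  (FECF_OK) */
    printf("truncated frame:  %d\n", fecf_scenario(64, 10, 0));  /* -2 (rejected before any read) */
    printf("corrupted frame:  %d\n", fecf_scenario(64, 64, 1));  /* -3 (CRC mismatch) */
    return 0;
}
```

The truncated case is the one that matters for this CVE: with 10 bytes received and a configured frame size of 64, the guarded version returns `FECF_ERR_SHORT_FRAME` without touching offsets 62 and 63, whereas the pattern the advisory describes would read them regardless of how many bytes were actually ingested. Wherever `max_frame_size` comes from configuration and `len_ingest` from the link, the check belongs at the top of the frame handler, before any offset derived from `max_frame_size` is used.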
This vulnerability affects mission-critical space infrastructure and highlights the risk in satellite-to-ground communications that tampered frames could originate from compromised ground links or signal replay, though no public evidence of real-world exploitation has been reported.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote, unauthenticated network exploitation of a heap buffer overflow in frame processing enables initial access via Exploit Public-Facing Application (T1190) and denial of service via Endpoint Denial of Service: Application or System Exploitation (T1499.004).