NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link Security protocol (SDLS).
References
Link | Resource |
---|---|
https://github.com/nasa/CryptoLib/compare/v1.3.0...v1.3.1 | Product |
https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2 | Product |
https://github.com/nasa/CryptoLib/pull/286 | Product |
https://github.com/nasa/CryptoLib/pull/306 | Product |
https://securitybynature.fr/post/hacking-cryptolib/ | Exploit Press/Media Coverage |
https://securitybynature.fr/post/hacking-cryptolib/ | Exploit Press/Media Coverage |
Configurations
History
29 May 2025, 14:02
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/nasa/CryptoLib/compare/v1.3.0...v1.3.1 - Product | |
References | () https://github.com/nasa/CryptoLib/compare/v1.3.1...v1.3.2 - Product | |
References | () https://github.com/nasa/CryptoLib/pull/286 - Product | |
References | () https://github.com/nasa/CryptoLib/pull/306 - Product | |
References | () https://securitybynature.fr/post/hacking-cryptolib/ - Exploit, Press/Media Coverage | |
First Time |
Nasa cryptolib
Nasa |
|
CPE | cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:* |
29 Apr 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
References | () https://securitybynature.fr/post/hacking-cryptolib/ - |
29 Apr 2025, 13:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
27 Apr 2025, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-04-27 01:15
Updated : 2025-05-29 14:02
NVD link : CVE-2025-46673
Mitre link : CVE-2025-46673
CVE.ORG link : CVE-2025-46673
JSON object : View
Products Affected
nasa
- cryptolib
CWE
CWE-913
Improper Control of Dynamically-Managed Code Resources