Summary: A critical security vulnerability identified in CryptoLib, a software implementation of the CCSDS Space Data Link Security Protocol, poses significant risks for spacecraft communication. The CVE-2025-30216 flaw, a heap overflow, can lead to arbitrary code execution and system instability. It is imperative for users to apply necessary patches to safeguard their systems.
Affected: CryptoLib users
Keypoints:
- Vulnerability is tracked as CVE-2025-30216, with a CVSS score of 9.4.
- The heap overflow occurs in the Crypto_TM_ProcessSecurity function because the Secondary Header Length is not validated.
- Potential consequences include Denial of Service (DoS) and Remote Code Execution (RCE).
Source: https://securityonline.info/cryptolib-vulnerability-heap-overflow-threatens-space-communications/
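
The kind of check the keypoints say was missing, as an added example that is not CryptoLib's code or its patch: the Secondary Header Length is bounded against the received frame size before any offset derived from it is used. The helper name and the field layout (6-octet primary header, Secondary Header Flag in the top bit of octet 4, 6-bit length stored as length minus one) are assumptions based on the CCSDS TM Transfer Frame format.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TM_PRIMARY_HDR_LEN 6u /* assumed: CCSDS TM primary header size in octets */

/* Hypothetical helper (not a CryptoLib function): returns the offset of the
 * first octet after the TM headers, or -1 if the frame cannot hold what its
 * own Secondary Header Length field claims. */
int tm_data_offset(const uint8_t *frame, size_t frame_len)
{
    if (frame == NULL || frame_len < TM_PRIMARY_HDR_LEN)
        return -1;

    /* Assumed layout: Secondary Header Flag is the top bit of octet 4. */
    if ((frame[4] & 0x80u) == 0)
        return (int)TM_PRIMARY_HDR_LEN;

    /* The length octet itself must be inside the received frame. */
    if (frame_len < TM_PRIMARY_HDR_LEN + 1u)
        return -1;

    /* Low 6 bits hold (secondary header length - 1), so 1..64 octets. */
    size_t shdr_len = (size_t)(frame[TM_PRIMARY_HDR_LEN] & 0x3Fu) + 1u;

    /* Validation step: a length taken from the frame must never exceed
     * the octets actually received, or later copies run past the buffer. */
    if (shdr_len > frame_len - TM_PRIMARY_HDR_LEN)
        return -1;

    return (int)(TM_PRIMARY_HDR_LEN + shdr_len);
}

int main(void)
{
    /* Constructed 12-octet frames, not captured traffic. */
    uint8_t ok[12]  = {0, 0, 0, 0, 0x80, 0, 0x03}; /* claims 4 octets  */
    uint8_t bad[12] = {0, 0, 0, 0, 0x80, 0, 0x3F}; /* claims 64 octets */

    printf("ok  -> %d\n", tm_data_offset(ok, sizeof ok));
    printf("bad -> %d\n", tm_data_offset(bad, sizeof bad));
    return 0;
}
```

A caller would reject the frame on -1 and only size or fill its decrypted-frame buffer from the returned offset.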