CVE-2025-46672

LOW

NASA CryptoLib <1.3.2 - Code Injection

Title source: llm

Description

NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.

References (3)

Scores

CVSS v3 3.5
EPSS 0.0020
EPSS Percentile 41.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N

Classification

CWE
CWE-252
Status published

Affected Products (1)

nasa/cryptolib < 1.3.2

Timeline

Published Apr 27, 2025
Tracked Since Feb 18, 2026