CVE-2025-30216
Published: 25 March 2025
Summary
CVE-2025-30216 is a critical-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Nasa Cryptolib. Its CVSS base score is 9.4 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 7.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
CryptoLib is a software library implementing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to protect communications between a cFS-based spacecraft and ground stations. Versions 1.3.3 and earlier contain a heap overflow in the Crypto_TM_ProcessSecurity function at crypto_tm.c:1735, where an excessively large Secondary Header Length field in a TM protocol packet causes an out-of-bounds memcpy into the dynamically allocated p_new_dec_frame buffer. The flaw is tracked as CWE-122 and CWE-787 and carries a CVSS 3.1 score of 9.4.
An unauthenticated network attacker can send a crafted TM packet that triggers the overflow, allowing adjacent heap memory to be overwritten. Successful exploitation can result in arbitrary code execution or denial of service against the CryptoLib instance processing the packet.
The project has published a fix in commit 810fd66d592c883125272fef123c3240db2f170f; the corresponding GitHub Security Advisory GHSA-v3jc-5j74-hcjv recommends upgrading to a patched release. The current EPSS score of 0.0769 shows no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-8083
Vulnerability details
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap…
more
Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated heap overflow in network packet processing function enables crafted packet exploitation of the public-facing service for arbitrary code execution.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires timely flaw remediation, directly mitigating the heap overflow by applying the available patch in CryptoLib commit 810fd66d592c883125272fef123c3240db2f170f.
Mandates validation of information inputs such as TM protocol packet Secondary Header Length against total packet length to prevent the unsafe memcpy triggering the heap overflow.
Implements memory protection mechanisms like address space randomization and non-executable heap to mitigate exploitation of the heap overflow even if unpatched.