CVE-2026-21898 - Vulnerability Details

- CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity

Description

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the Crypto_AOS_ProcessSecurity function reads memory without valid bounds checking when parsing AOS frame hashes. This issue has been patched in version 1.4.3.

Published: 2026-01-10

Score: 8.2 High

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The CryptoLib library implements the CCSDS Space Data Link Security Protocol for spacecraft and ground station communications. Its Crypto_AOS_ProcessSecurity function parses AOS frame hashes, but prior to version 1.4.3 it reads memory without properly checking bounds. This out-of-bounds read (CWE-125) can allow an attacker to read arbitrary data from the process’s address space, potentially exposing cryptographic keys or other sensitive information. The flaw does not directly allow code execution but provides a path for information disclosure that could compromise mission confidentiality.

Affected Systems

The affected systems are those running NASA’s CryptoLib before the 1.4.3 release. Any installation of CryptoLib that implements the CCSDS Space Data Link Security Protocol and processes AOS frames is vulnerable. Versions up to and including 1.4.2 lack the necessary bounds checks and therefore are at risk.

Risk and Exploitability

With a CVSS score of 8.2, this fault is considered high severity. The EPSS score is below 1 %, suggesting that exploitation is unlikely at present, and no record exists in the CISA KEV catalog. However, the weakness requires crafted input that reaches Crypto_AOS_ProcessSecurity, so an attacker would need the ability to inject or modify AOS frames on the communication link. If this condition is met, the out-of-bounds read could leak confidential material, but would not directly execute code.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

nasa

CryptoLib

affected

Version	Status	Constraints
`< 1.4.3`	affected	—

Configuration 1 [-]

cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:*

No data.

Vendor	Product	Confidence	Versions
Nasa	Cryptolib	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Install CryptoLib version 1.4.3 or later to apply the bounds-checking fix.
Limit who can send AOS frames when the library is not yet updated, reducing the chance of malicious input reaching Crypto_AOS_ProcessSecurity.
Disable or reject malformed AOS frames until the patch is deployed to prevent exploitation of the read vulnerability.

Generated by OpenCVE AI on April 18, 2026 at 07:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Exploitation poc

Automatable yes

Technical Impact partial

References

Link	Providers
https://github.com/nasa/CryptoLib/releases/tag/v1.4.3
https://github.com/nasa/CryptoLib/security/advisories/GHSA-7ch6-2pmg-m853

History

Thu, 15 Jan 2026 22:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:nasa:cryptolib::::::::

Mon, 12 Jan 2026 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 12 Jan 2026 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Nasa Nasa cryptolib
Vendors & Products		Nasa Nasa cryptolib

Sat, 10 Jan 2026 00:45:00 +0000

Type	Values Removed	Values Added
Description		CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the Crypto_AOS_ProcessSecurity function reads memory without valid bounds checking when parsing AOS frame hashes. This issue has been patched in version 1.4.3.
Title		CryptoLib Has Out-of-bounds Read in Crypto_AOS_ProcessSecurity
Weaknesses		CWE-125
References		https://github.com/nasa/CryptoLib/releases/tag/v1.4.3 https://github.com/nasa/CryptoLib/security/advisories/GHSA-7ch6-2pmg-m853
Metrics		cvssV3_1 `{'score': 8.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H'}`

Subscriptions

Nasa Cryptolib

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-01-10T00:10:29.925Z

Updated: 2026-01-12T20:22:05.827Z

Reserved: 2026-01-05T17:24:36.931Z

Link: CVE-2026-21898

Vulnrichment

Updated: 2026-01-12T20:21:53.657Z

NVD

Status : Analyzed

Published: 2026-01-10T01:16:17.957

Modified: 2026-01-15T21:48:49.657

Link: CVE-2026-21898

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T07:30:36Z

Weaknesses

CWE-125

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation poc

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object