Description
CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3.
Published: 2026-01-10
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: Confidentiality Exposure
Action: Immediate Patch
AI Analysis

Impact

CryptoLib implements the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure spacecraft communications. In versions prior to 1.4.3, the cryptography_aead_encrypt() function contains an out-of-bounds heap read, triggered when encryption metadata is parsed with a flawed strtok pattern. The flaw lets a malicious user make the library read beyond the bounds of the intended buffer and disclose sensitive memory contents such as cryptographic keys or other private data; it is classified as CWE-125 (Out-of-bounds Read).

Affected Systems

The affected vendor is NASA and the affected product is CryptoLib. Any installation using CryptoLib before release 1.4.3 is vulnerable; version 1.4.3 and later contain the patch.

Risk and Exploitability

The CVSS score of 8.2 indicates a high-impact vulnerability, while the EPSS score of less than 1% shows a very low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, which lowers its perceived threat level for critical missions. Although the attack vector is not explicitly documented, the flaw is exercised during AEAD encryption, implying that an attacker would need to supply crafted metadata input, which could be feasible in a compromised or untrusted environment. The official remediation is to update to version 1.4.3, which eliminates the out-of-bounds read.

Generated by OpenCVE AI on April 18, 2026 at 16:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade CryptoLib to version 1.4.3 or newer using the official release from GitHub
  • Replace the vulnerable AEAD encryption routine with a vetted third-party implementation that does not contain the out-of-bounds read
  • Insert defensive bounds checks around metadata parsing in the cryptography_aead_encrypt function
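As an added illustration of the last recommendation (this is not CryptoLib's code, which the page does not show), the C program below contrasts the classic strtok hazard with a length-bounded parse of a hypothetical comma-separated key=value metadata string. The metadata layout, the meta_kv_t type, the sample bytes and both function names are assumptions made for the example; the point is that strtok stops only at a NUL byte, so handing it an exact-length heap slice with no terminator reads past the allocation, whereas a parser driven by the caller-supplied length cannot.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed metadata shape for this example: "key=value,key=value,..."
 * delivered in a heap buffer whose length the caller knows but which is
 * NOT guaranteed to end in a NUL byte (e.g. a slice of a larger frame). */
typedef struct {
    char key[32];
    char value[64];
} meta_kv_t;

/* Bounded parser: every read is limited by `len`, never by a terminator that
 * may not exist. Returns the number of pairs stored, or -1 on malformed
 * input, an oversized field, or when `out` is full. */
int parse_metadata_bounded(const char *buf, size_t len,
                           meta_kv_t *out, size_t max_pairs)
{
    size_t n = 0;
    const char *p = buf, *end = buf + len;

    while (p < end) {
        /* A field ends at the next comma or at the end of the buffer. */
        const char *comma = memchr(p, ',', (size_t)(end - p));
        const char *field_end = comma ? comma : end;
        const char *eq = memchr(p, '=', (size_t)(field_end - p));
        size_t klen, vlen;

        if (!eq || n == max_pairs)
            return -1;
        klen = (size_t)(eq - p);
        vlen = (size_t)(field_end - eq - 1);
        if (klen == 0 || klen >= sizeof(out[n].key) || vlen >= sizeof(out[n].value))
            return -1;
        memcpy(out[n].key, p, klen);
        out[n].key[klen] = '\0';
        memcpy(out[n].value, eq + 1, vlen);
        out[n].value[vlen] = '\0';
        n++;
        p = comma ? comma + 1 : end;
    }
    return (int)n;
}

/* If strtok must stay, give it what it requires: a private, writable,
 * NUL-terminated copy sized from the caller-supplied length. strtok also
 * mutates its input, which is a second reason never to run it on the
 * caller's buffer (use strtok_r in threaded code). Note that strtok skips
 * empty fields, so ",," is tolerated here but rejected by the bounded parser. */
int parse_metadata_strtok_copy(const char *buf, size_t len,
                               meta_kv_t *out, size_t max_pairs)
{
    char *copy = malloc(len + 1);
    char *field;
    size_t n = 0;

    if (!copy)
        return -1;
    memcpy(copy, buf, len);
    copy[len] = '\0';                       /* the terminator strtok relies on */
    for (field = strtok(copy, ","); field; field = strtok(NULL, ",")) {
        char *eq = strchr(field, '=');
        if (!eq || eq == field || n == max_pairs ||
            (size_t)(eq - field) >= sizeof(out[n].key) ||
            strlen(eq + 1) >= sizeof(out[n].value)) {
            free(copy);
            return -1;
        }
        *eq = '\0';
        strcpy(out[n].key, field);
        strcpy(out[n].value, eq + 1);
        n++;
    }
    free(copy);
    return (int)n;
}

/* Constructed sample: an exact-length heap copy with no terminating NUL.
 * Calling strtok directly on the returned block would be the bug class the
 * advisory describes; both parsers above are safe to call on it. */
static const char SAMPLE[] = "spi=1,iv=0a0b0c0d";
#define SAMPLE_LEN (sizeof(SAMPLE) - 1)

char *heap_copy_no_nul(const char *src, size_t len)
{
    char *raw = malloc(len);
    if (raw)
        memcpy(raw, src, len);
    return raw;
}

int main(void)
{
    meta_kv_t kv[4];
    char *raw = heap_copy_no_nul(SAMPLE, SAMPLE_LEN);
    int n = parse_metadata_bounded(raw, SAMPLE_LEN, kv, 4);
    for (int i = 0; i < n; i++)
        printf("%s -> %s\n", kv[i].key, kv[i].value);
    free(raw);
    return n < 0;
}
```

The bounded parser is the one to keep: it needs no copy, never writes to the input, and its failure paths (missing '=', empty key, oversized field, output full) all return -1 instead of touching memory outside [buf, buf+len).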


Advisories

No advisories yet.

History

Fri, 16 Jan 2026 17:00:00 +0000

  Type     | Values Removed | Values Added
  CPEs     |                | cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*:*
  Metrics  |                | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}

Tue, 13 Jan 2026 18:15:00 +0000

  Type     | Values Removed | Values Added
  Metrics  |                | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 12 Jan 2026 14:45:00 +0000

  Type                 | Values Removed | Values Added
  First Time appeared  |                | Nasa; Nasa cryptolib
  Vendors & Products   |                | Nasa; Nasa cryptolib

Sat, 10 Jan 2026 00:45:00 +0000

  Type         | Values Removed | Values Added
  Description  |                | CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3.
  Title        |                | CryptoLib Has Out-of-Bounds Read in KMC AEAD Encrypt Metadata Parsing via Flawed strtok Pattern
  Weaknesses   |                | CWE-125
  References   |                |
  Metrics      |                | cvssV4_0 {'score': 8.2, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-01-13T17:17:39.426Z

Reserved: 2026-01-05T22:30:38.717Z

Link: CVE-2026-22023

Vulnrichment

Updated: 2026-01-13T17:17:28.473Z

NVD

Status: Analyzed

Published: 2026-01-10T01:16:18.410

Modified: 2026-01-16T16:45:11.670

Link: CVE-2026-22023

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T16:45:05Z

Weaknesses