How to fix CVE-2025-70085?

Within 24 hours: Inventory all systems running OpenSatKit 2.2.1 and isolate affected instances from untrusted networks. Within 7 days: Implement network segmentation to restrict access to OpenSatKit systems to authorized personnel only and enable enhanced logging for EventErrStr buffer interactions. Within 30 days: Contact the OpenSatKit vendor for patch availability, evaluate upgrade paths to patched versions, and prepare systems for immediate deployment once patches are released.

Is Opensatkit affected by CVE-2025-70085?

CVE-2025-70085 is a critical buffer overflow vulnerability in OpenSatKit 2.2.1 that could allow attackers to execute arbitrary code or crash systems with a 9.8 CVSS score.

CVE-2025-70085

CRITICAL

2026-02-11 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

CVE Published

Feb 11, 2026 - 18:16 nvd

CRITICAL 9.8

Description

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames (Source1Filename and the string returned by FileUtil_FileStateStr) into this buffer without any length checking and without using bounded format specifiers such as %.*s. If the filename length approaches OS_MAX_PATH_LEN (commonly 64-256 bytes), the combined formatted string together with constant text can exceed 256 bytes, resulting in a stack buffer overflow. Such unsafe sprintf calls are scattered across multiple functions in file.c, including FILE_ConcatenateCmd() and ConcatenateFiles(), all of which fail to validate the output length.

Analysis

Stack buffer overflow in OpenSatKit 2.2.1 satellite ground station software. The ErrStr buffer overflows when formatting filenames. Space infrastructure vulnerability.

Technical Context

CWE-121 stack overflow in EventErrStr (256-byte buffer). sprintf formats two filenames that can exceed the buffer.

Affected Products

['OpenSatKit 2.2.1']

Remediation

Update OpenSatKit. Use snprintf with size limits.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +49

POC: 0

CVE-2025-70085 vulnerability details – vuln.today

Back

CVE-2025-70085

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-70085

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code