Skip to main content

NASA cFS CVE-2026-15352

| EUVDEUVD-2026-45022 HIGH
NULL Pointer Dereference (CWE-476)
2026-07-16 icscert GHSA-8472-2q4c-5q85
8.2
CVSS 4.0 · Vendor: icscert
Share

Severity by source

Vendor (icscert) PRIMARY
8.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.9 MEDIUM

Network-deliverable HK request with no auth or interaction (AV:N/PR:N/UI:N), but bus-access precondition maps AT:P to AC:H; impact is availability-only DoS (A:H, C/I:N).

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (icscert).

CVSS VectorVendor: icscert

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

4
Source Code Evidence Fetched
Jul 16, 2026 - 20:30 vuln.today
Analysis Generated
Jul 16, 2026 - 20:30 vuln.today
CVSS changed
Jul 16, 2026 - 20:22 NVD
7.5 (HIGH) 8.2 (HIGH)
CVE Published
Jul 16, 2026 - 19:48 cve.org
HIGH 8.2

DescriptionCVE.org

A vulnerability exists in the Health & Safety (HS) application of NASA's Core Flight System (cFS). The flaw allows the application to crash via segmentation fault when processing a routine Housekeeping Telemetry request, leading to denial of service.

AnalysisAI

Denial of service in NASA's Core Flight System (cFS) Health & Safety (HS) application allows a remote attacker to crash the application through a NULL pointer dereference triggered while processing a routine Housekeeping Telemetry request. All HS versions prior to v7.0.1 are affected; the crash produces a segmentation fault that halts the health-monitoring task. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Gain access to cFS telemetry/command bus
Delivery
Craft Housekeeping Telemetry request
Exploit
Send request to HS application
Execution
Trigger NULL pointer dereference
Impact
HS task segfaults, health monitoring down

Vulnerability AssessmentAI

Exploitation Exploitation requires the attacker to deliver a Housekeeping Telemetry request message to the cFS Health & Safety (HS) application over the cFS Software Bus / telemetry interface (AV:N, PR:N, UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The signals are consistent but modest in real-world reach. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with access to the spacecraft's command/telemetry network crafts and injects a Housekeeping Telemetry request to the HS application on the cFS Software Bus; the malformed handling dereferences a NULL pointer, the HS task segfaults, and health/watchdog monitoring is lost until the software is restarted. No public POC is known, and the AT:P requirement means the attacker must be able to deliver a valid HK request onto the bus rather than exploit from an arbitrary internet position.
Remediation Vendor-released patch: v7.0.1 - upgrade the cFS Health & Safety application to HS v7.0.1 (part of the cFS 'Draco' v7.0.1 bundle) per https://github.com/nasa/HS/releases/tag/v7.0.1 and review the CISA advisory ICSA-26-197-03 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-197-03. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, identify all systems running cFS HS versions prior to v7.0.1 and assess their operational criticality. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-15352 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy