EUVD-2026-18807
GHSA-43rr-mfcw-532v
CVSS Vector
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3Tags
Description
A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local network to execute the attack. The project was informed of the problem early through an issue report but has not responded yet.
Analysis
Heap-based buffer overflow in NASA cFS up to version 7.0.0 exists in the CFE_MSG_GetSize function within the CCSDS Packet Header Handler component (apps/to_lab/fsw/src/to_lab_passthru_encode.c), allowing attackers on the local network to cause memory corruption with limited confidentiality, integrity, and availability impact. The vulnerability requires network adjacency but no authentication or user interaction; no public exploit code has been identified, and the project has not yet released a patch despite early notification through GitHub issue tracking.
Sign in for full analysis, threat intelligence, and remediation guidance.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today