Core Flight System Cfs Health Safety Hs Application
Monthly
Denial of service in NASA's Core Flight System (cFS) Health & Safety (HS) application allows a remote attacker to crash the application through a NULL pointer dereference triggered while processing a routine Housekeeping Telemetry request. All HS versions prior to v7.0.1 are affected; the crash produces a segmentation fault that halts the health-monitoring task. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a CISA ICS advisory (ICSA-26-197-03) and vendor-tagged fix release exist.
Denial of service in NASA's Core Flight System (cFS) Health & Safety (HS) application allows a remote attacker to crash the application through a NULL pointer dereference triggered while processing a routine Housekeeping Telemetry request. All HS versions prior to v7.0.1 are affected; the crash produces a segmentation fault that halts the health-monitoring task. No public exploit identified at time of analysis, and it is not listed in CISA KEV, but a CISA ICS advisory (ICSA-26-197-03) and vendor-tagged fix release exist.