Cfs

cfs

Vendor: Nasa • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-25374 1Nasa 2Cfs Core Flight System Apr 30, 2026 Mar 25, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 In NASA cFS (Core Flight System) Aquila, it is possible to put the onboard software in a state that will prevent the launch of any external application, causing a platform denial of service.
CVE-2025-25373 1Nasa 2Cfs Core Flight System Apr 30, 2026 Mar 25, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform.
CVE-2025-25372 1Nasa 2Cfs Core Flight System Apr 30, 2026 Mar 25, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 NASA cFS (Core Flight System) Aquila is vulnerable to segmentation fault via sending a malicious telecommand to the Memory Management Module.
CVE-2025-25371 1Nasa 2Cfs Core Flight System Apr 30, 2026 Mar 25, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 NASA cFS (Core Flight System) Aquila is vulnerable to path traversal in the OSAL module, allowing the override of any arbitrary file on the system.