CVE-2025-46673

CVSS 3.1 Score 4.9 of 10 (medium)

Details

Published Apr 27, 2025

Updated: Apr 29, 2025

CWE ID 913

Summary

CVE-2025-46673 is a vulnerability affecting NASA's CryptoLib software before version 1.3.2. This issue arises from the failure to check if the Security Associations (SA) are in an operational state prior to use, enabling an attacker to potentially bypass the Space Data Link Security (SDLS) protocol. This vulnerability could pose a significant risk to secure data transmitted through the SDLS, as unauthorized access might go undetected. NASA strongly advises users to upgrade to the latest version of CryptoLib to mitigate this vulnerability and ensure the continued security of their data transmissions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Vendors

NASA

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Predator Still Active, with New Client and Corporate Links Identified

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Know What Matters

For Customers

For Partners