NASA CryptoLib Space Data Link Security Bypass Vulnerability

Vulnerability

A vulnerability in NASA CryptoLib versions prior to 1.3.2 allows for a bypass of the Space Data Link Security (SDLS) protocol. This issue arises because the software does not verify whether a Security Association (SA) is operational before use. The vulnerability can be exploited to send unauthorized telecommands to a spacecraft's Onboard Computer, potentially leading to unauthorized actions or control of the spacecraft.

Impact

According to the source, exploitation of this vulnerability bypasses SDLS protections and allows arbitrary telecommands to be sent to a spacecraft. This could result in unwanted behaviors or even complete control of the spacecraft.

Reproduction

The vulnerability can be reproduced by sending a Telecommand (TC) frame with a Security Parameter Index (SPI) that points to a non-operational Security Association. This can be done by fuzzing the SPI field until a value is found that bypasses the SDLS checks and is accepted as a valid clear mode SA. Once this is achieved, telecommands can be sent to the spacecraft's Onboard Computer, effectively hijacking control.

Remediation

Users are advised to update to NASA CryptoLib version 1.3.2 or later, where this vulnerability has been addressed by implementing checks to ensure that Security Associations are in an operational state before use.
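The kind of state check described above, as an added example that is not CryptoLib source: an SA lookup for a received TC frame that refuses any SA not in the operational state. All type, constant and function names are hypothetical, the SA table is constructed sample data, and the SPI is assumed to sit directly after the 5-octet TC primary header (no segment header).

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical names throughout; illustrative only, not CryptoLib's code. */
typedef enum { SA_STATE_NONE, SA_STATE_UNKEYED, SA_STATE_KEYED,
               SA_STATE_OPERATIONAL } sa_state_t;
typedef enum { SVC_CLEAR, SVC_AUTH, SVC_ENC, SVC_AUTH_ENC } sa_service_t;

typedef struct {
    uint16_t     spi;
    sa_state_t   state;
    sa_service_t service;
} sa_entry_t;

enum { SDLS_OK = 0, SDLS_ERR_SHORT = -1, SDLS_ERR_SPI_UNKNOWN = -2,
       SDLS_ERR_SA_NOT_OPERATIONAL = -3 };

/* Constructed sample SA table: only SPI 1 has been started. */
static const sa_entry_t sa_table[] = {
    {1, SA_STATE_OPERATIONAL, SVC_AUTH_ENC},
    {2, SA_STATE_KEYED,       SVC_AUTH_ENC},
    {3, SA_STATE_UNKEYED,     SVC_CLEAR},  /* configured but never started */
    {4, SA_STATE_NONE,        SVC_CLEAR},
};
#define SA_COUNT   (sizeof sa_table / sizeof sa_table[0])
#define SPI_OFFSET 5u  /* assumption: no segment header before the SPI */

/* Select the SA for a received TC frame. `out` may be NULL when only the
 * accept/reject decision is needed. */
int sdls_select_sa(const uint8_t *frame, size_t len, const sa_entry_t **out)
{
    if (out != NULL)
        *out = NULL;
    if (frame == NULL || len < SPI_OFFSET + 2u)
        return SDLS_ERR_SHORT;
    /* SPI is a 16-bit big-endian field. */
    uint16_t spi = (uint16_t)((frame[SPI_OFFSET] << 8) | frame[SPI_OFFSET + 1u]);
    for (size_t i = 0; i < SA_COUNT; i++) {
        if (sa_table[i].spi != spi)
            continue;
        /* State gate: without it, SPI 3 would be handled as a clear-mode SA. */
        if (sa_table[i].state != SA_STATE_OPERATIONAL)
            return SDLS_ERR_SA_NOT_OPERATIONAL;
        if (out != NULL)
            *out = &sa_table[i];
        return SDLS_OK;
    }
    return SDLS_ERR_SPI_UNKNOWN;
}
```

Rejections with the not-operational status are worth logging on the ground or onboard side, since repeated hits across different SPI values match the reproduction pattern described above.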

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.