NASA CryptoLib
cpe:2.3:a:nasa:cryptolib:*:*:*:*:*:*:*
- < 1.3.2
A vulnerability in NASA CryptoLib prior to version 1.3.2 allows for spacecraft hijacking by exploiting the Space Data Link Security (SDLS) protocol implementation. The issue arises because the key state is not verified before use, enabling unauthorized commands to be sent to a spacecraft's onboard computer. This flaw could lead to unauthorized control over the spacecraft, bypassing SDLS protections and potentially causing disruptive actions.
Exploitation of this vulnerability allows an attacker to gain unauthorized control of a spacecraft, bypassing all SDLS protections and interfering with the legitimate operator's access.
The vulnerability can be reproduced by sending a telecommand through the SDLS Clear Mode, which can be achieved by exploiting an out-of-bounds read vulnerability to access a Security Association (SA) that has not been properly configured. Once the Clear Mode SA is identified, it can be used to send commands to the spacecraft's Onboard Computer.
Users are advised to update to NASA CryptoLib version 1.3.2 or later, where this vulnerability has been addressed by implementing key state checks before use.
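The fix described above gates key use on key state. As an added illustration (not CryptoLib's own code), the C sketch below shows a fail-closed gate that also bounds-checks the SA index and rejects unconfigured SAs, the two conditions named in the reproduction notes. All type names, enum values, table sizes and table contents are hypothetical and constructed for this example.

```c
/* Added illustration: hypothetical types and names, not CryptoLib's API. */
#include <stdint.h>
#include <stdio.h>

#define NUM_SA   4   /* constructed table sizes */
#define NUM_KEYS 4

typedef enum { KEY_PREACTIVE, KEY_ACTIVE, KEY_DEACTIVATED, KEY_DESTROYED } key_state_t;
typedef enum { SA_NONE, SA_UNKEYED, SA_KEYED, SA_OPERATIONAL } sa_state_t;
typedef enum { GATE_OK = 0, GATE_BAD_SPI, GATE_SA_NOT_OPERATIONAL,
               GATE_BAD_KEY_ID, GATE_KEY_NOT_ACTIVE } gate_status_t;
typedef struct { sa_state_t state; uint16_t key_id; } sa_t;

/* Constructed sample data: only SA 1 is operational with an active key. */
static const key_state_t key_ring[NUM_KEYS] =
    { KEY_PREACTIVE, KEY_ACTIVE, KEY_DEACTIVATED, KEY_DESTROYED };
static const sa_t sa_table[NUM_SA] = {
    { SA_NONE,        0 },  /* SA 0: never configured            */
    { SA_OPERATIONAL, 1 },  /* SA 1: key 1 is ACTIVE             */
    { SA_OPERATIONAL, 2 },  /* SA 2: key 2 is DEACTIVATED        */
    { SA_OPERATIONAL, 9 },  /* SA 3: key id outside the key ring */
};

/* Decide whether a telecommand naming this SPI may be processed at all.
 * Every check fails closed: anything not explicitly valid is rejected. */
gate_status_t tc_gate(uint16_t spi)
{
    if (spi >= NUM_SA)                      /* index check before any table read */
        return GATE_BAD_SPI;
    const sa_t *sa = &sa_table[spi];
    if (sa->state != SA_OPERATIONAL)        /* unconfigured SAs are never usable */
        return GATE_SA_NOT_OPERATIONAL;
    if (sa->key_id >= NUM_KEYS)             /* key reference must be in range    */
        return GATE_BAD_KEY_ID;
    if (key_ring[sa->key_id] != KEY_ACTIVE) /* key state check before key use    */
        return GATE_KEY_NOT_ACTIVE;
    return GATE_OK;
}

int main(void)
{
    /* SPI 4 is one past the end of the constructed SA table. */
    for (uint16_t spi = 0; spi <= NUM_SA; spi++)
        printf("spi=%u -> status %d\n", (unsigned)spi, (int)tc_gate(spi));
    return 0;
}
```

The ordering matters: the index check runs before the table is dereferenced, and the key state is read only after the SA and key id have been validated.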