CVE-2025-46674

Name of the Vulnerable Software and Affected Versions NASA CryptoLib versions prior to 1.3.2

Description The issue arises from NASA CryptoLib using Extended Procedures that are a Work in Progress, not intended for use during flight, potentially leading to a keystream oracle.

Recommendations For NASA CryptoLib versions prior to 1.3.2, update to version 1.3.2 or later to resolve the issue. As a temporary workaround, consider disabling the use of Extended Procedures until a patch is available. Restrict access to sensitive cryptographic functions to minimize the risk of exploitation.