PT-2025-39207 · Cryptolib · Cryptolib
Author: Luiginoc · Published 2025-09-23 · Updated 2026-02-10 · CVE-2025-59534
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
CryptoLib versions prior to 1.4.2
Description
CryptoLib is a software solution implementing the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) for secure communications between spacecraft and ground stations. A command injection issue exists in the initialize_kerberos_keytab_file_login() function: user-controlled input is interpolated directly into a shell command string that is then executed via system(), without sanitization or validation. A caller able to influence that input can therefore cause arbitrary commands to run with the privileges of the process.
Recommendations
Update CryptoLib to version 1.4.2 or later.
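To make the weakness class concrete, the following is an added illustration written for this page, not CryptoLib's own code and not the patched function: a sketch of the system()-with-interpolation shape the description names, beside a hardened form that validates the inputs against an allowlist and passes them to the external tool as an argv array with no shell in between. The function names kinit_with_keytab_unsafe() and kinit_with_keytab_safe(), the parameters principal and keytab_path, and the use of kinit as the spawned program are assumptions made for the sketch.

```c
/*
 * Added illustration (not CryptoLib's own code): the shell-interpolation
 * pattern behind CWE-78 next to a hardened replacement. The function and
 * parameter names here are assumptions for the sketch, not identifiers
 * taken from CryptoLib.
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Vulnerable shape: the inputs are pasted into a command string that
 * /bin/sh parses, so any shell metacharacter in `principal` or
 * `keytab_path` changes what actually runs. Shown for contrast only. */
int kinit_with_keytab_unsafe(const char *principal, const char *keytab_path)
{
    char cmd[512];
    snprintf(cmd, sizeof cmd, "kinit -k -t %s %s", keytab_path, principal);
    return system(cmd);
}

/* Allowlist check for a Kerberos principal of the form user[/instance]@REALM
 * built from letters, digits and a few punctuation characters. Spaces,
 * quotes, ';', '|', '$', backticks and similar are rejected outright. */
int principal_is_well_formed(const char *p)
{
    size_t n = strlen(p);
    if (n == 0 || n > 255) return 0;
    const char *at = strchr(p, '@');
    if (at == NULL || at == p || at[1] == '\0') return 0;
    for (const char *c = p; *c; c++) {
        if (isalnum((unsigned char)*c)) continue;
        if (*c == '.' || *c == '-' || *c == '_' || *c == '/' || *c == '@') continue;
        return 0;
    }
    return strchr(at + 1, '@') == NULL;   /* exactly one '@' */
}

/* Allowlist check for the keytab path: absolute, no "..", no metacharacters. */
int keytab_path_is_well_formed(const char *path)
{
    size_t n = strlen(path);
    if (n == 0 || n > 4096 || path[0] != '/') return 0;
    if (strstr(path, "..") != NULL) return 0;
    for (const char *c = path; *c; c++) {
        if (isalnum((unsigned char)*c)) continue;
        if (*c == '/' || *c == '.' || *c == '-' || *c == '_') continue;
        return 0;
    }
    return 1;
}

/* Hardened shape: validate first, then exec the tool directly with an argv
 * array. No shell is involved, so the inputs travel as opaque arguments.
 * Returns the child's exit status, or -1 on validation or spawn failure. */
int kinit_with_keytab_safe(const char *principal, const char *keytab_path)
{
    if (!principal_is_well_formed(principal) || !keytab_path_is_well_formed(keytab_path))
        return -1;

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = {"kinit", "-k", "-t", (char *)keytab_path, (char *)principal, NULL};
        execvp("kinit", argv);
        _exit(127);                      /* exec failed in the child */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

The two defensive layers are independent: the allowlist gives an early, loggable rejection of malformed input, while the argv-based exec removes the shell from the path entirely, so even an input that slipped past the allowlist could not be reinterpreted as a command. Reviewing a code base for this class of bug means looking for every system() and popen() call whose command string is built with snprintf, strcat or sprintf from data that did not originate in the binary itself.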
Weakness Enumeration
OS Command Injection
Related Identifiers
CVE-2025-59534
Affected Products
Cryptolib