Vulnerabilities ›

CVE-2026-5474

Medium

CWE-119 — Weakness Type

                    Published: Apr 3, 2026                      ·  Modified: Apr 6, 2026                      ·  Source: NVD                

CVSS v3

6.3

🔗 NVD Official

📄 Description (English)

A vulnerability was found in NASA cFS up to 7.0.0. This affects the function CFE_MSG_GetSize of the file apps/to_lab/fsw/src/to_lab_passthru_encode.c of the component CCSDS Packet Header Handler. Performing a manipulation results in heap-based buffer overflow. The attacker must have access to the local network to execute the attack. The project was informed of the problem early through an issue report but has not responded yet.

🤖 AI Executive Summary

A heap-based buffer overflow vulnerability exists in NASA cFS versions up to 7.0.0 within the CCSDS Packet Header Handler component. The vulnerability requires local network access to exploit and could lead to memory corruption and potential code execution. No patch is currently available, making immediate compensating controls essential for affected Saudi organizations.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: May 18, 2026 15:18

🇸🇦 Saudi Arabia Impact Assessment

This vulnerability primarily impacts Saudi organizations using NASA cFS in aerospace, satellite communications, and critical infrastructure monitoring systems. Government agencies (particularly those under NCA oversight) managing space programs or satellite operations, energy sector organizations (ARAMCO and subsidiaries) utilizing cFS for remote monitoring systems, and telecommunications providers (STC) managing network infrastructure are at elevated risk. The local network requirement limits exposure but poses significant risk in operational technology (OT) environments common in Saudi critical infrastructure.

🏢 Affected Saudi Sectors

Aerospace and Space Programs Government (NCA-regulated entities) Energy (ARAMCO and subsidiaries) Telecommunications (STC and providers) Critical Infrastructure Monitoring Satellite Communications

🎯 MITRE ATT&CK Techniques

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution T1499 - Endpoint Denial of Service T1055 - Process Injection

⚖️ Saudi Risk Score (AI)

6.8

/ 10.0

🔧 Remediation Steps (English)

Immediate Actions:

1. Inventory all systems running NASA cFS versions up to 7.0.0 across your organization

2. Isolate affected systems from untrusted local networks where possible

3. Implement network segmentation to restrict local network access to cFS systems

4. Enable enhanced logging and monitoring on CFE_MSG_GetSize function calls



Compensating Controls (until patch available):

5. Deploy input validation mechanisms to sanitize CCSDS packet headers before processing

6. Implement strict access controls limiting local network connectivity to authorized personnel only

7. Monitor for abnormal memory access patterns and heap corruption indicators

8. Deploy network-based intrusion detection signatures for malformed CCSDS packets

9. Establish a vulnerability tracking process with NASA cFS project for patch availability



Detection Rules:

- Alert on CFE_MSG_GetSize processing of oversized CCSDS packet headers

- Monitor for heap memory corruption events in cFS processes

- Track unauthorized local network connections to cFS systems

- Flag CCSDS packets with header sizes exceeding specification limits

🔧 خطوات المعالجة (العربية)

الإجراءات الفورية:

1. قم بحصر جميع الأنظمة التي تعمل بإصدارات NASA cFS حتى 7.0.0 عبر مؤسستك

2. عزل الأنظمة المتأثرة عن الشبكات المحلية غير الموثوقة قدر الإمكان

3. تطبيق تقسيم الشبكة لتقييد الوصول إلى الشبكة المحلية لأنظمة cFS

4. تفعيل السجلات المحسّنة والمراقبة على استدعاءات دالة CFE_MSG_GetSize

الضوابط التعويضية (حتى توفر التصحيح):

5. نشر آليات التحقق من صحة المدخلات لتنظيف رؤوس حزم CCSDS قبل المعالجة

6. تطبيق ضوابط وصول صارمة تقيد الاتصال بالشبكة المحلية للموظفين المصرح لهم فقط

7. مراقبة أنماط الوصول إلى الذاكرة غير الطبيعية ومؤشرات تلف الكومة

8. نشر توقيعات كشف التسلل القائمة على الشبكة لحزم CCSDS المشوهة

9. إنشاء عملية تتبع الثغرات مع مشروع NASA cFS لتوفر التصحيحات

قواعد الكشف:

- تنبيه معالجة CFE_MSG_GetSize لرؤوس حزم CCSDS ذات الحجم الزائد

- مراقبة أحداث تلف ذاكرة الكومة في عمليات cFS

- تتبع الاتصالات غير المصرح بها بالشبكة المحلية لأنظمة cFS

- وضع علامة على حزم CCSDS برؤوس تتجاوز حدود المواصفات

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

ECC 2024 A.12.6.1 - Management of technical vulnerabilities ECC 2024 A.14.2.1 - Secure development policy ECC 2024 A.12.2.1 - Monitoring of system use

🔵 SAMA CSF

SAMA CSF ID.RA-1 - Asset management and vulnerability identification SAMA CSF PR.IP-12 - Software development and acquisition security SAMA CSF DE.CM-1 - Detection and analysis of anomalies

🟡 ISO 27001:2022

ISO 27001:2022 A.12.2.1 - Monitoring of information systems ISO 27001:2022 A.14.2.1 - Secure development policy and procedures ISO 27001:2022 A.12.6.1 - Management of technical vulnerabilities

🔗 References & Sources 5

🔗

https://github.com/nasa/cFS/

cna@vuldb.com

🔗

https://github.com/nasa/cFS/issues/952

cna@vuldb.com

🔗

https://vuldb.com/submit/781950

cna@vuldb.com

🔗

https://vuldb.com/vuln/355078

cna@vuldb.com

🔗

https://vuldb.com/vuln/355078/cti

cna@vuldb.com

📊 CVSS Score

6.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack VectorA — Adjacent

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityL — Low / Local

AvailabilityL — Low / Local

📋 Quick Facts

Severity Medium

CVSS Score6.3

CWECWE-119

EPSS0.02%

Exploit No

Patch ✗ No

Published 2026-04-03

Source Feed nvd

🇸🇦 Saudi Risk Score

6.8

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-119

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-5474

Introduce Yourself

Sign In Required