NASA cFS - Vulnerability Research

Our team recently had the opportunity to conduct security and vulnerability research on the NASA Core Flight System (cFS), during which we identified and exploited several vulnerabilities. Below is a list of relevant CVEs:

CVE-2025-25371

CVE-2025-25372

CVE-2025-25373

CVE-2025-25374

Additionally, we have prepared a demonstration and explanation of one of the vulnerabilities that results in Remote Code Execution (RCE).

This security research was originally published at VisionSpace Blog