CVE-2025-25373CRITICAL 9.8EPSS p35.4%

CVE-2025-25373CVE-2025-25373

Description

The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.45% probability of exploitation · percentile 35.4% · 2026-06-18T12:00:27Z
Published2025-03-25
Last modified2026-04-30

Underlying weaknesses· 1

CWE-732

References

  1. https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment/
  2. https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment/

1

TypeTargetConfidenceTier
WeaknessIncorrect Permission Assignment for Critical Resourcecwe-7320%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-22907
CVE
CVE-2026-5474
CVE
CVE-2026-25258
CVE
CVE-2025-37157
CVE
CVE-2026-25259
CVE
CVE-2025-43563
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.