← back
CVE-2025-25373

CVE-2025-25373

CVSS 9.8 CRITICALEPSS 0.5%CWE-732
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment/