CVE-2025-46674
LOWDescription
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystream oracle.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| nasa | cryptolib |
References
Frequently Asked Questions
What is CVE-2025-46674? +
How severe is CVE-2025-46674? +
What products are affected by CVE-2025-46674? +
How do I check if I'm vulnerable to CVE-2025-46674? +
Related Vulnerabilities
An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable …
A vulnerability exists in serial device servers where active debug code remains enabled in the UART interface. An attacker with …
The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated …
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to hard-coded credentials in the administrative web …
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass vulnerability in the administrative web server. Authentication …
Active Debug Code in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2, WG1200HP3, WG1800HP3, WG1200HS2, WG1900HP, WG1200HP2, W1200EX(-MS), WG1200HS, WG1200HP, WF300HP2, W300P, …