CVE-2026-21900 is an out-of-bounds heap read vulnerability classified under CWE-125 found in NASA's CryptoLib, a software-only implementation of the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP). This library secures communications between spacecraft running the core Flight System (cFS) and ground stations. The vulnerability exists in the cryptography_encrypt() function when it parses JSON metadata received from Key Management Center (KMC) server responses. Specifically, the issue stems from a flawed use of the strtok function for iterating over strings, where the pointer arithmetic ptr + strlen(ptr) + 1 causes the code to read one byte beyond the allocated buffer boundary when processing short or malformed metadata strings. This out-of-bounds read can lead to undefined behavior, including potential leakage of sensitive memory contents or application crashes. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The flaw was identified and patched in CryptoLib version 1.4.3. While no known exploits have been reported in the wild, the vulnerability's CVSS 4.0 score of 8.2 reflects its high severity due to the potential impact on confidentiality and availability. This vulnerability is particularly relevant to organizations using CryptoLib in space communication systems or related aerospace applications.

For European organizations, especially those involved in aerospace, satellite communications, or space research, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of sensitive cryptographic material or metadata, potentially compromising the confidentiality of spacecraft-to-ground communications. Additionally, out-of-bounds reads can cause application instability or crashes, impacting the availability of critical communication systems. Given the reliance on secure data links in space missions, any disruption or data leakage could have severe operational and reputational consequences. Although no active exploits are known, the ease of remote exploitation without authentication increases the threat level. Organizations that integrate CryptoLib or similar CCSDS SDLS-EP implementations in their systems must consider this vulnerability a priority for remediation to maintain secure and reliable space communication infrastructure.

The primary mitigation is to upgrade CryptoLib to version 1.4.3 or later, where the out-of-bounds read issue has been patched. Organizations should conduct a thorough inventory to identify all systems using CryptoLib, especially those involved in spacecraft communication or ground station operations. Beyond upgrading, it is advisable to audit all JSON parsing routines within the software stack for similar unsafe string handling patterns, particularly those using strtok or manual pointer arithmetic. Implementing bounds checking and safer string handling functions can prevent similar vulnerabilities. Network-level protections such as strict filtering of KMC server responses and anomaly detection for malformed metadata can reduce exposure. Additionally, organizations should monitor for any emerging exploit attempts or related threat intelligence. Regular security assessments and code reviews focusing on memory safety in critical communication components are recommended to prevent recurrence.