Burning, Trashing, Spacecraft Crashing: A Collection of Vulnerabilities That Will End Your Space Mission

Black Hat USA 2025 · Day 1 · Briefings

Researchers from Vision Space demonstrated live exploits against three open-source mission control systems and NASA's Core Flight System, proving that software vulnerabilities — not kinetic weapons — are now the most accessible path to destroying a satellite mission. Critical flaws including XSS-to-telecommand injection, remote code execution, and an unauthenticated crash-and-key-reset vulnerability were found across every system examined.

AI review

Three live demos proving you can crash, commandeer, or orbit-shift a spacecraft from a laptop. The CFS GOT-overwrite chain is textbook exploitation applied to a domain where the stakes involve hardware floating in the vacuum at 500 km/h. The CryptoLib unauthenticated crash-and-key-reset is the most operationally alarming finding in this batch.
