Vulns to end your space mission - A. Olchawa, M. Starcik, R. Fradique & A.Boulaich
Mileno, Andre, Ricardo
DEF CON 33 (backfill) · Day 1 · Main Stage
This talk by the Vision Space team, led by Mileno and featuring Andre and Ricardo, delves into critical security vulnerabilities discovered in widely used software components of space systems. Titled "Vulns to end your space mission," the presentation highlights the alarming gap in security scrutiny within the space industry, particularly concerning the ground and space segments of missions. As the number of launched satellites explodes due to commercial ventures like SpaceX and OneWeb, alongside increasing defense sector involvement, the attack surface for space systems is expanding at an unprecedented rate, creating significant incentives for advanced persistent threats (APTs) and nation-states to target these critical infrastructures.
AI review
Solid, original research into a genuinely underaudited attack surface — space-sector ground and flight software — backed by working exploits against real, widely-deployed systems. The XSS-to-RCE chain on OpenC3 and the GOT-overwrite on NASA CFS are credible, technically sound demonstrations that justify the talk's core claim: kinetic attacks on satellites are the hard path, not the easy one. Doesn't quite hit five stars because neither exploit is especially novel in technique — these are well-understood primitives applied to an unfamiliar target domain — but the target selection and the live…