PatchSiren

CVE-2018-25367 NASA CVE debrief

NASA OpenVSP 3.16.1 contains a buffer overflow vulnerability in its handling of the geometry name field. A local attacker can trigger a denial of service by supplying an excessively long string (approximately 5000 bytes) in the name input field of the Geom browser pod addition interface. The application crashes because of improper bounds checking on user-supplied input. The CVSS 4.0 vector indicates a local attack vector, low attack complexity, no required privileges, and high availability impact, with no confidentiality or integrity impact. The vulnerability was assigned CWE-120 (Classic Buffer Overflow). The CVE record shows a deferred status in the NVD. No known exploitation in ransomware campaigns has been documented.

Vendor: NASA
Product: OpenVSP
CVSS: MEDIUM 6.9
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-05-25
Original CVE updated: 2026-05-26
Advisory published: 2026-05-25
Advisory updated: 2026-05-26

Who should care

Organizations using NASA OpenVSP for aircraft geometry modeling and design, particularly in multi-user environments where untrusted users may have local access to OpenVSP installations. System administrators managing engineering workstations with OpenVSP deployed. Security teams monitoring for denial-of-service conditions in specialized engineering software environments.

Technical summary

The vulnerability exists in the geometry name field parsing within OpenVSP 3.16.1's Geom browser pod addition interface. The application fails to properly validate the length of user-supplied strings before copying them into fixed-size buffers. An attacker with local access can paste approximately 5000 bytes into the name input field, triggering a buffer overflow that crashes the application. The CVSS 4.0 score of 6.9 (Medium) reflects the local attack vector and high availability impact with no confidentiality or integrity compromise. The vulnerability is classified as CWE-120 (Classic Buffer Overflow). No authentication or privileges are required to trigger the crash, but physical or logical local access is necessary.

Defensive priority

Medium

Recommended defensive actions

  • Upgrade to a patched version of NASA OpenVSP when available; check the official NASA OpenVSP GitHub repository for security updates
  • Implement input validation and length restrictions on geometry name fields in custom OpenVSP deployments
  • Monitor for anomalous application crashes in OpenVSP environments that may indicate exploitation attempts
  • Review local access controls to limit untrusted user access to OpenVSP installations
  • Apply principle of least privilege for users requiring access to OpenVSP geometry editing functions
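
The length restriction recommended above, sketched as an added example (not OpenVSP code, and not the vendor's fix). The `geom_t` record, the 64-byte capacity, and all function names are assumptions made for illustration; the page does not state the real buffer size.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define GEOM_NAME_CAP 64   /* assumed capacity; the real size is not on the page */

typedef struct { char name[GEOM_NAME_CAP]; } geom_t;   /* hypothetical record */
typedef enum { NAME_OK = 0, NAME_EMPTY, NAME_TOO_LONG } name_status;

/* Unchecked pattern behind CWE-120, shown for contrast only and never called:
 *     strcpy(g->name, input);    writes past name[] when input is longer
 */

/* Bounded length scan: inspects at most cap bytes of the input. */
static size_t bounded_len(const char *s, size_t cap)
{
    const char *end = memchr(s, '\0', cap);
    return end ? (size_t)(end - s) : cap;
}

/* Reject-on-overflow setter: on failure the stored name is left untouched. */
name_status geom_set_name(geom_t *g, const char *input)
{
    if (input == NULL || input[0] == '\0')
        return NAME_EMPTY;
    size_t n = bounded_len(input, GEOM_NAME_CAP);
    if (n >= GEOM_NAME_CAP)             /* no room left for the terminator */
        return NAME_TOO_LONG;
    memcpy(g->name, input, n + 1);      /* n + 1 <= GEOM_NAME_CAP */
    return NAME_OK;
}

/* Constructed input: a name of len 'A' bytes, standing in for an oversized paste. */
name_status try_name_of_length(geom_t *g, size_t len)
{
    static char paste[8192];
    if (len >= sizeof paste)
        len = sizeof paste - 1;
    memset(paste, 'A', len);
    paste[len] = '\0';
    return geom_set_name(g, paste);
}

int main(void)
{
    geom_t g = { .name = "Pod" };
    printf("5000 bytes -> status %d, name still \"%s\"\n",
           (int)try_name_of_length(&g, 5000), g.name);
    printf("63 bytes   -> status %d\n", (int)try_name_of_length(&g, 63));
    return 0;
}
```

Rejecting the input rather than silently truncating it also gives the caller a distinct status to log, which supports the crash and anomaly monitoring listed above.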

Evidence notes

Buffer overflow confirmed via source references. Attack vector is local only. No evidence of remote exploitation or code execution capability in disclosed materials. CVSS 4.0 scoring applied.

Official resources

The vulnerability was disclosed through coordinated disclosure channels with references to the NASA OpenVSP GitHub repository, Exploit-DB, and a VulnCheck advisory. The disclosure includes technical details sufficient for defensive analysis.