CVE-2024-35061
Description
NASA AIT-Core v2.5.2 transmits data over unencrypted channels, enabling MitM attacks that, when combined with CVE-2024-35059, result in unauthenticated remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Root Cause
The vulnerability stems from NASA AIT-Core v2.5.2 using unencrypted network channels for data exchange. This design flaw allows an attacker positioned between communicating parties to intercept or modify traffic without detection [1][3].
Exploitation
An attacker can execute a man-in-the-middle (MitM) attack by placing themselves on the network path between AIT-Core components. No authentication is required for this initial interception. Critically, when this MitM capability is chained with CVE-2024-35059—which enables local code execution via unsafe Pickle deserialization—the attacker can inject malicious Pickle payloads over the unencrypted channel, achieving remote code execution [1][3].
Impact
Successful exploitation yields fully unauthenticated remote code execution on the target system running AIT-Core v2.5.2. This could allow an attacker to execute arbitrary commands, compromise mission data, or pivot to other connected systems [1].
Mitigation
As of the publication date, no patch has been announced by NASA. Users are advised to apply network-level encryption (e.g., TLS), isolate AIT-Core instances on trusted networks, and monitor for updates from the project repository [2][3].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| ait-core (PyPI) | <= 2.5.2 | — |
Affected products
- NASA/AIT-Core
Patches
No patches discovered yet.