Disabling satellites through hacking is a more feasible option compared to explosions.

Disabling satellites through hacking is a more feasible option compared to explosions.

VisionSpace Researchers Unveil Critical Satellite Security Vulnerabilities

In a groundbreaking demonstration, Milenko Starcik and Andrzej Olchawa from German biz VisionSpace Technologies have revealed significant security vulnerabilities in satellite management software, highlighting potential risks such as unauthenticated commands that can crash onboard satellite software and covertly change satellite orbits without immediate detection.

The researchers found multiple critical vulnerabilities (CVEs) in widely used open-source satellite command and control applications like Yamcs and OpenC3 Cosmos. These weaknesses could allow attackers total control over satellite operations and ground station management systems.

Yamcs and OpenC3 Cosmos Vulnerabilities

In Yamcs, a NASA and Airbus-used application, five CVEs allow attackers to fully control satellite communications. Meanwhile, in OpenC3 Cosmos, used in ground stations, seven vulnerabilities enable remote code execution and cross-site scripting.

NASA's Core Flight System (cFS) Aquila Flaws

NASA's Core Flight System (cFS) Aquila also contains four critical vulnerabilities capable of crashing flight software and providing full code execution to attackers.

These demonstrated vulnerabilities show that satellite software often lacks robust authentication and input validation. Attackers could send unauthenticated telecommands to crash satellites or alter their course covertly.

Broader Satellite Software Vulnerabilities

Satellite systems generally suffer from weak or missing protections such as encryption and secure telecommand interfaces, which threatens the integrity and confidentiality of satellite control signals and mission data. These issues affect not only satellites in orbit but also ground segment systems (command centers, antennas) that manage the satellites, which can be exploited for ransomware, data theft, or service disruption.

Key vulnerabilities in satellite management and ground segment software include:

• Unprotected telecommand interfaces
• Lack of encrypted communication links making RF signals susceptible to interception, jamming, and spoofing
• Software weaknesses in command and control applications enabling remote code execution, denial of service, or data manipulation
• Insufficient authentication allowing unauthenticated commands to destabilize satellite software or covertly alter satellite orbits
• Lack of secure over-the-air (OTA) update mechanisms with cryptographic protections
• Ground station software susceptible to phishing, malware injection, or configuration exploitation

The Urgent Need for Cybersecurity

The growing reliance on open-source software and the proliferation of satellites exacerbate these vulnerabilities, highlighting the urgent need for built-in cybersecurity, encryption, and secure command protocols across satellite lifecycles. The team emphasized that relying on buggy code to control orbital platforms should not be tolerated.

The researchers' findings underscore the importance of addressing these vulnerabilities to ensure the security and integrity of satellite operations and ground infrastructure, as well as the safety of the growing number of satellites in orbit, which currently stands at approximately 12,300, according to the European Space Agency.

1. The research by Milenko Starcik and Andrzej Olchawa from VisionSpace Technologies has uncovered significant security vulnerabilities in satellite management software, with NASA's Core Flight System (cFS) Aquila also containing critical flaws.
2. In Yamcs, a commonly used open-source satellite command and control application, five CVEs have been identified that allow attackers to fully control satellite communications.
3. Similarly, in OpenC3 Cosmos, another popular ground station software, seven vulnerabilities enable remote code execution and cross-site scripting.
4. These demonstrated vulnerabilities underscore a broader issue of weak or missing protections such as encryption and secure telecommand interfaces in satellite systems, which could be exploited for ransomware, data theft, or service disruption.
5. The reliance on open-source software and the proliferation of satellites exacerbate these vulnerabilities, emphasizing the urgent need for built-in cybersecurity, encryption, and secure command protocols across satellite lifecycles.
6. Addressing these vulnerabilities is essential to ensure the security and integrity of satellite operations and ground infrastructure, as well as the safety of the increasing number of satellites in orbit, currently at about 12,300, according to the European Space Agency.

Read also: