A U-2 spy plane sparked a memory shortage that shut down air traffic control, grounding and delaying hundreds of flights in Southern California on April 30.
A source close to the incident and security experts told Reuters that the same vulnerability could be exploited by attackers.
The $2.4 billion system created by Lockheed Martin failed in April when the U-2 aircraft flew through the region.
A lack of altitude information in the U-2's flight plan caused an error.
"The system is only designed to take so much data per airplane," one of the sources said. "It keeps failing itself because it's exceeded the limit of what it can do."
The system then cycled on and off to fix the problem. A large area of the southwestern U.S. then blanked out.
No accidents or injuries were caused by the system failure.
Federal Aviation Administration spokeswoman Laura Brown said the computer was examining a large number of air routes to "de-conflict the aircraft with lower-altitude flights,” a process which "used a large amount of available memory and interrupted the computer’s other flight-processing functions."
While sources said it would be difficult for an attacker to mimic the exact same circumstances, “it shows a very basic limitation of the system.”
Security experts say the glitch should have been identified in testing before it was ever deployed.
"That's when you put in values anywhere that a human could put in a number, like minus one feet, or a million feet, to see what that would do," Jeff Moss, founder of the Black Hat and Def Con security conferences and advisor to the Department of Homeland Security, told Reuters.
Experts believe there must be other similar system failures, despite FAA assurances that the problem is in the process of being fixed.
"If it's now understood that there are flight plans that cause the automated system to fail, then the flight plan is an 'attack surface,'" said Dan Kaminsky, co-founder of the White Ops security firm and an expert in attacking computers by over-filling memory.