CVE-2026-3503

Enriched by CISA
 

Protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6.
https://nvd.nist.gov/vuln/detail/CVE-2026-3503

Categories

CWE-335 : Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
The product uses a Pseudo-Random Number Generator (PRNG) but does not correctly manage seeds. Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.) Cloud application on Kubernetes generates passwords using a weak random number generator based on deployment time. server uses erlang:now() to seed the PRNG, whichresults in a small search space for potential randomseeds Product's PRNG is not seeded for the generation of session IDs Router's PIN generation is based on rand(time(0)) seeding.

References


 

AFFECTED (from MITRE)

Vendor Product Versions
wolfSSL Inc. wolfSSL (wolfCrypt)
  • 5.8.2 < 5.9.0 [affected]
© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

CPE

cpe start end

REMEDIATION


EXPLOITS

Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
No known exploits

CAPEC

Common Attack Pattern Enumerations and Classifications

id description severity
No entry