CVE-2025-11935 | THREATINT

Description

With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing psk_dhe_ke without a key_share extension. The re-use of an authenticated PSK connection that on the clients side unexpectedly did not have PFS, reduces the security of the connection.

PUBLISHED Reserved 2025-10-17 | Published 2025-11-21 | Updated 2025-12-08 | Assigner wolfSSL

MEDIUM: 6.3CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Problem types

CWE-326 Inadequate Encryption Strength

Product status

Default status

unaffected

3.12.0 (git) before 5.8.4

affected

Credits

Jaehun Lee, Pohang University of Science and Technology (POSTECH) finder

Kyungmin Bae, Pohang University of Science and Technology (POSTECH) coordinator

References

github.com/wolfSSL/wolfssl

github.com/wolfSSL/wolfssl/pull/9112

cve.org (CVE-2025-11935)

nvd.nist.gov (CVE-2025-11935)

Download JSON