Description

A missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a compromise in the confidentiality of TLS-protected communications. A crafted HelloRetryRequest followed by a ServerHello message that omits the required key_share extension results in the derivation of predictable traffic secrets from the (EC)DHE shared secret. This issue does not affect the client's authentication of the server during TLS handshakes.
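The client-side check whose absence is described above, as an added example (not wolfSSL's code and not the fix in the referenced pull request): after a HelloRetryRequest that named a group, the ServerHello must carry a key_share for that same group (RFC 8446, section 4.2.8). The function names, return codes and sample byte arrays are assumptions made for this sketch; the inputs are the raw extension lists of the two messages.

```c
#include <stddef.h>
#include <stdint.h>

#define EXT_KEY_SHARE 0x0033 /* RFC 8446 extension type 51 */

/* Constructed sample extension lists (type:2, len:2, data), not captured traffic. */
const uint8_t HRR_EXTS[] = {0x00,0x2b,0x00,0x02,0x03,0x04,   /* supported_versions */
                            0x00,0x33,0x00,0x02,0x00,0x17};  /* key_share: secp256r1 */
const uint8_t SH_NO_KS[] = {0x00,0x2b,0x00,0x02,0x03,0x04};  /* key_share omitted */
const uint8_t SH_OK[]    = {0x00,0x2b,0x00,0x02,0x03,0x04,
                            0x00,0x33,0x00,0x08,0x00,0x17,0x00,0x04,1,2,3,4}; /* dummy key */

/* Find one extension. Returns 1 if found, 0 if absent, -1 if malformed/duplicated. */
static int find_ext(const uint8_t *p, size_t n, uint16_t want,
                    const uint8_t **data, size_t *dlen)
{
    int found = 0;
    while (n > 0) {
        if (n < 4) return -1;
        size_t len = ((size_t)p[2] << 8) | p[3];
        if (len > n - 4) return -1;
        if ((((uint16_t)p[0] << 8) | p[1]) == want) {
            if (found) return -1;
            *data = p + 4; *dlen = len; found = 1;
        }
        p += 4 + len; n -= 4 + len;
    }
    return found;
}

/* 0 = acceptable, -1 = malformed, -2 = key_share missing, -3 = group mismatch. */
int check_sh_after_hrr(const uint8_t *hrr, size_t hrr_len,
                       const uint8_t *sh, size_t sh_len)
{
    const uint8_t *hd = NULL, *sd = NULL;
    size_t hl = 0, sl = 0;
    int r = find_ext(hrr, hrr_len, EXT_KEY_SHARE, &hd, &hl);
    if (r < 0 || (r == 1 && hl != 2)) return -1;
    if (r == 0) return 0;              /* HRR named no group: outside this check */
    r = find_ext(sh, sh_len, EXT_KEY_SHARE, &sd, &sl);
    if (r < 0) return -1;
    if (r == 0) return -2;             /* the omission described in this CVE */
    if (sl < 5 || ((((size_t)sd[2] << 8) | sd[3]) != sl - 4)) return -1;
    if (sd[0] != hd[0] || sd[1] != hd[1]) return -3;  /* illegal_parameter */
    return 0;
}

int main(void) { return check_sh_after_hrr(HRR_EXTS, sizeof HRR_EXTS, SH_OK, sizeof SH_OK); }
```

Any non-zero result means the client should abort the handshake before deriving traffic secrets.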

PUBLISHED Reserved 2026-02-25 | Published 2026-03-19 | Updated 2026-03-20 | Assigner wolfSSL




LOW: 1.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/AU:Y/R:A/V:D/U:Clear

Problem types

CWE-20 Improper Input Validation

Product status

Default status
unaffected

Any version before 5.9.0
affected

Credits

Jaehun Lee, Pohang University of Science and Technology (POSTECH) finder

Kyungmin Bae, Pohang University of Science and Technology (POSTECH) coordinator

References

github.com/wolfSSL/wolfssl/pull/9754

cve.org (CVE-2026-3230)

nvd.nist.gov (CVE-2026-3230)