Description
Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS (e.g. via `mbedtls_ssl_conf_min_tls_version`). The ClientHello advertises both versions and the peer can establish TLS 1.2, so applications that assumed `IPPROTO_TLS_1_3` enforces TLS 1.3 may silently use TLS 1.2 and remain exposed to TLS 1.2-specific weaknesses. As a workaround, the `TLS_CIPHERSUITE_LIST` socket option can be restricted to TLS 1.3-only cipher suites.
Published: 2026-05-11
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Zephyr sockets created with IPPROTO_TLS_1_3 can negotiate TLS 1.2 when both versions are enabled in Kconfig. Because the socket-level protocol selection is not passed to mbedTLS, the ClientHello advertises both TLS 1.2 and 1.3, allowing the peer to establish a TLS 1.2 connection. Applications that assume that IPPROTO_TLS_1_3 enforces TLS 1.3 may silently operate over TLS 1.2 and be exposed to TLS 1.2 weaknesses such as weaker cipher suites and downgrade attacks.

Affected Systems

Zephyr RTOS (Zephyr project) is affected. The issue occurs when sockets are created with IPPROTO_TLS_1_3 while the Zephyr configuration enables both TLS 1.2 and 1.3 in Kconfig. No specific version range is listed in the advisory; any build that satisfies these conditions is potentially vulnerable.

Risk and Exploitability

The CVSS score of 5.3 indicates a medium severity vulnerability. EPSS is not available, but the vulnerability is not listed in CISA KEV, suggesting limited known exploitation. A likely attack vector is a remote client that connects to the TLS 1.3 socket and forces a TLS 1.2 session, thereby lowering the security of the connection. As the downgrade can occur without authentication, the risk is primarily to confidentiality and integrity of data transmitted over the affected sockets.

Generated by OpenCVE AI on May 11, 2026 at 07:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Zephyr patch that propagates the TLS 1.3 minimum version to mbedTLS, addressing CWE-757.
  • Disable TLS 1.2 in the Zephyr configuration so only TLS 1.3 is available, mitigating CWE-757.
  • Restrict the TLS_CIPHERSUITE_LIST socket option to TLS 1.3 cipher suites to prevent downgrade, mitigating CWE-757.

Generated by OpenCVE AI on May 11, 2026 at 07:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 11 May 2026 07:45:00 +0000

Type Values Removed Values Added
First Time appeared Zephyrproject-rtos
Zephyrproject-rtos zephyr
Vendors & Products Zephyrproject-rtos
Zephyrproject-rtos zephyr

Mon, 11 May 2026 06:15:00 +0000

Type Values Removed Values Added
Description Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS (e.g. via `mbedtls_ssl_conf_min_tls_version`). The ClientHello advertises both versions and the peer can establish TLS 1.2, so applications that assumed `IPPROTO_TLS_1_3` enforces TLS 1.3 may silently use TLS 1.2 and remain exposed to TLS 1.2-specific weaknesses. As a workaround, the `TLS_CIPHERSUITE_LIST` socket option can be restricted to TLS 1.3-only cipher suites.
Title net: TLS 1.2 connections allowed on TLS 1.3 sockets
Weaknesses CWE-757
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Zephyrproject-rtos Zephyr
cve-icon MITRE

Status: PUBLISHED

Assigner: zephyr

Published:

Updated: 2026-05-11T05:52:12.140Z

Reserved: 2026-01-30T05:38:22.811Z

Link: CVE-2026-1677

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-11T06:16:08.683

Modified: 2026-05-11T06:16:08.683

Link: CVE-2026-1677

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-11T08:00:12Z

Weaknesses