Description
Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.
Published: 2026-04-01
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Algorithm Downgrade
Action: Patch
AI Analysis

Impact

The flaw exists in Mbed TLS versions 3.3.0 through 3.6.5 and 4.0.0, enabling an attacker to force the library to use a weaker cryptographic algorithm. The downgrade bypasses expected security parameters, potentially allowing cryptographic keys to be derived in an unsuitable form or breaking data integrity. The associated Common Weakness identifiers highlight improper certificate validation, use of risky algorithms, and selection of weak cryptographic primitives.

Affected Systems

ARM’s Mbed TLS library, widely deployed in embedded and IoT devices, is affected. The vulnerability spans releases 3.3.0 up to 3.6.5 and the 4.0.0 major line. Systems relying on these versions—including embedded firmware, network appliances, and connected sensors—must assess whether the vulnerable library is in use.

Risk and Exploitability

With a CVSS base score of 6.5 the issue is considered moderate severity; however, the EPSS metric puts exploitation likelihood at under 1% and the vulnerability is not currently listed in the CISA KEV catalog. Successful exploitation would require the attacker to supply crafted algorithm identifiers, which suggests a remote configuration or protocol‑level vector, though the advisory does not detail the precise conditions. Deployments still running the affected versions therefore face a risk of weakened encryption or authentication.

Generated by OpenCVE AI on April 6, 2026 at 16:37 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Upgrade Mbed TLS to the latest version that addresses the algorithm downgrade issue.
  • Verify the upgraded library by testing cryptographic operations to ensure strong algorithms are enforced.
  • If an upgrade is not immediately feasible, monitor vendor advisories for additional patches or workarounds and apply interim security controls such as disabling weaker algorithm options in configuration.



Advisories

No advisories yet.

History

Mon, 06 Apr 2026 14:15:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added: Arm; Arm mbed Tls
Type: CPEs
  Values Removed: (none)
  Values Added: cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*; cpe:2.3:a:arm:mbed_tls:4.0.0:*:*:*:*:*:*:*
Type: Vendors & Products
  Values Removed: (none)
  Values Added: Arm; Arm mbed Tls

Fri, 03 Apr 2026 10:15:00 +0000

Type: First Time appeared
  Values Removed: (none)
  Values Added: Mbed-tls; Mbed-tls mbedtls
Type: Vendors & Products
  Values Removed: (none)
  Values Added: Mbed-tls; Mbed-tls mbedtls

Thu, 02 Apr 2026 12:15:00 +0000

Type: Title
  Values Removed: (none)
  Values Added: mbedtls: Mbed TLS: Algorithm downgrade vulnerability
Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-358
Type: References
  Values Removed: (none)
  Values Added: (none)
Type: Metrics (threat_severity)
  Values Removed: None
  Values Added: Moderate


Wed, 01 Apr 2026 23:45:00 +0000

Type: Description
  Values Removed: (none)
  Values Added: Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade.
Type: Weaknesses
  Values Removed: (none)
  Values Added: CWE-295; CWE-327
Type: References
  Values Removed: (none)
  Values Added: (none)
Type: Metrics (cvssV3_1)
  Values Removed: (none)
  Values Added: {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L'}
Type: Metrics (ssvc)
  Values Removed: (none)
  Values Added: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-01T18:54:32.185Z

Reserved: 2026-02-06T00:00:00.000Z

Link: CVE-2026-25834

Vulnrichment

Updated: 2026-04-01T18:53:07.443Z

NVD

Status: Analyzed

Published: 2026-04-01T18:16:28.127

Modified: 2026-04-06T14:17:14.727

Link: CVE-2026-25834

Redhat

Severity: Moderate

Published Date: 2026-04-01T00:00:00Z

Links: CVE-2026-25834 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-07T08:07:46Z

Weaknesses