Description
Issue Summary: The PKCS#12 file processing fails to perform sufficient input
validation for files that use the Password-Based Message Authentication Code 1
(PBMAC1) integrity mechanism, allowing certificate and private key forgery.

Impact Summary: An attacker impersonating a user can cause a service reading
PKCS#12 files to accept forged certificates and private keys with a 1 in 256
probability.

If a service accepting PKCS#12 files is using passwords for authenticating
the received files, the attacker can create unencrypted PKCS#12 files that
use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing
them to craft a file that will be accepted with a 1 in 256 probability.
That would then cause the service to accept a certificate and private key
controlled by the attacker.

The FIPS modules are not affected by this issue, as the affected code is
outside the OpenSSL FIPS module boundary.
Published: 2026-06-09
Score: 7.4 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OpenSSL’s PKCS#12 processing does not sufficiently validate files that use Password-Based Message Authentication Code 1 (PBMAC1): a file may specify an HMAC key of only one byte. Such a crafted PKCS#12 file is accepted with a one-in-256 probability, so an attacker can embed a forged certificate and private key that the processing application loads as if they were legitimate. The vulnerability does not provide direct code execution but enables impersonation and validation bypass for services that rely on PKCS#12 file authentication.

Affected Systems

The issue applies to the OpenSSL library. The FIPS modules are not affected, because the affected code is outside the OpenSSL FIPS module boundary. No specific product versions are listed, so all releases of OpenSSL that implement PBMAC1 handling are potentially vulnerable.

Risk and Exploitability

The vulnerability’s CVSS score is 7.4, and its EPSS score is < 1%. A crafted PKCS#12 file with a one-byte HMAC key is accepted with a 1 in 256 probability, giving an attacker the ability to embed a forged certificate and private key. Because the impact is the ability to impersonate a user through a forged credential, the risk is moderate if the application accepts arbitrary PKCS#12 files. The vulnerability is not currently listed in the CISA KEV catalog, and no public exploitation examples are known. The likely attack vector is supplying or uploading a malicious PKCS#12 file to a service that processes such files without additional validation.

Generated by OpenCVE AI on June 11, 2026 at 01:52 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade to a version of OpenSSL that has applied the fix for proper input validation of PBMAC1 PKCS#12 files.
  • Reconfigure any application to reject PBMAC1‑protected PKCS#12 files or enforce an HMAC key length greater than one byte before processing.
  • Implement additional PKCS#12 validation logic that checks the HMAC key length and rejects keys shorter than the recommended length before processing.
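
One way to implement the key-length pre-check from the last recommendation, as an added example (not OpenSSL code and not the upstream fix). It assumes DER-encoded input and a 20-byte floor chosen here as local policy; all function names are hypothetical, and files that are malformed, carry no password MacData, or omit keyLength are rejected as well.

```python
OID_PBMAC1 = bytes.fromhex("2a864886f70d01050e")  # 1.2.840.113549.1.5.14
OID_PBKDF2 = bytes.fromhex("2a864886f70d01050c")  # 1.2.840.113549.1.5.12

def tlv(buf, pos, end, want):  # read one DER element -> (value_start, value_end)
    if pos + 2 > end or buf[pos] != want:
        raise ValueError(f"expected tag {want:#04x} at offset {pos}")
    k, pos = buf[pos + 1], pos + 2
    n = int.from_bytes(buf[pos:pos + k - 0x80], "big") if k > 0x80 else k
    pos += max(k - 0x80, 0)  # skip the long-form length bytes, if any
    if k == 0x80 or pos + n > end:  # BER indefinite length, or overrun
        raise ValueError("unsupported or overrunning length")
    return pos, pos + n

def pbmac1_key_length(p12):
    s, e = tlv(p12, 0, len(p12), 0x30)  # PFX
    for tag in (0x02, 0x30):  # skip version and authSafe (walked past, never searched)
        _, s = tlv(p12, s, e, tag)
    for _ in range(3):  # MacData > mac (DigestInfo) > digestAlgorithm
        s, e = tlv(p12, s, e, 0x30)
    o, s = tlv(p12, s, e, 0x06)
    if p12[o:s] != OID_PBMAC1:
        return None  # legacy PKCS#12 MAC: no PBMAC1 parameters to check
    for _ in range(2):  # PBMAC1-params > keyDerivationFunc
        s, e = tlv(p12, s, e, 0x30)
    o, s = tlv(p12, s, e, 0x06)
    if p12[o:s] != OID_PBKDF2:
        raise ValueError("PBMAC1 KDF is not PBKDF2")
    s, e = tlv(p12, s, e, 0x30)  # PBKDF2-params
    for tag in (0x04, 0x02, 0x02):  # salt, iterationCount, keyLength
        o, s = tlv(p12, s, e, tag)
    return int.from_bytes(p12[o:s], "big", signed=True)

def mac_params_acceptable(p12, min_key_len=20):  # 20 is an assumed policy floor
    try:
        key_len = pbmac1_key_length(p12)
    except ValueError:
        return False  # malformed, BER-encoded, no MacData, or keyLength missing
    return key_len is None or key_len >= min_key_len

def der(tag, *parts):  # encoder used only to build the constructed sample below
    n = len(body := b"".join(parts))
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

def sample_pfx(key_len):  # constructed skeleton: empty authSafe, dummy MAC value
    prf = der(0x30, der(0x06, bytes.fromhex("2a864886f70d0209")), der(0x05))  # hmacWithSHA256
    kdf = der(0x30, der(0x06, OID_PBKDF2), der(0x30, der(0x04, bytes(8)),
              der(0x02, b"\x08\x00"), der(0x02, bytes([key_len])), prf))
    mac = der(0x30, der(0x30, der(0x06, OID_PBMAC1), der(0x30, kdf, prf)), der(0x04, bytes(32)))
    return der(0x30, der(0x02, b"\x03"), der(0x30), der(0x30, mac, der(0x04, bytes(8)), der(0x02, b"\x01")))
```

Run `mac_params_acceptable()` on the raw file bytes before handing them to the PKCS#12 parser; the walk goes structurally from the PFX root to MacData, so bytes inside authSafe cannot act as a decoy for the check.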


Advisories

Source        ID            Title
Debian DSA    DSA-6335-1    openssl security update
Ubuntu USN    USN-8414-1    OpenSSL vulnerabilities

History

Mon, 15 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:4.0.0:-:*:*:*:*:*:*

Thu, 11 Jun 2026 00:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-347
References
Metrics threat_severity

None

threat_severity

Low


Wed, 10 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 10 Jun 2026 08:30:00 +0000


Wed, 10 Jun 2026 08:15:00 +0000


Tue, 09 Jun 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Openssl
Openssl openssl
Vendors & Products Openssl
Openssl openssl

Tue, 09 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
Description Issue Summary: The PKCS#12 file processing fails to perform sufficient input validation for files that use Password-Based Message Authentication Code 1 (PBMAC1) integrity mechanism allowing a certificate and private key forgery. Impact Summary: An attacker impersonating a user can cause a service reading PKCS#12 files to accept forged certificates and private keys with a 1 in 256 probability. If a service accepting PKCS#12 files is using passwords for authenticating the received files, the attacker can create unencrypted PKCS#12 files that use PBMAC1 authentication that specifies an HMAC key of only one byte, allowing them to craft a file that will be accepted with a 1 in 256 probability. That would then cause the service to accept a certificate and private key controlled by the attacker. The FIPS modules are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.
Title PKCS#12 Files with PBMAC1 Are Accepted with Short HMAC Keys
Weaknesses CWE-354
References

MITRE

Status: PUBLISHED

Assigner: openssl

Published:

Updated: 2026-06-10T16:02:19.675Z

Reserved: 2026-03-26T09:29:36.013Z

Link: CVE-2026-34181

Vulnrichment

Updated: 2026-06-10T16:00:39.916Z

NVD

Status : Analyzed

Published: 2026-06-09T17:17:04.740

Modified: 2026-06-15T18:13:13.673

Link: CVE-2026-34181

Redhat

Severity : Low

Public Date: 2026-06-09T00:00:00Z

Links: CVE-2026-34181 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-11T02:00:16Z

Weaknesses
  • CWE-347

    Improper Verification of Cryptographic Signature

  • CWE-354

    Improper Validation of Integrity Check Value