Description
An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).
Published: 2026-04-01
Score: 6.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Predictable Random Number Generator Seed leading to cryptographic compromise
Action: Patch Now
AI Analysis

Impact

The vulnerability arises from a predictable seed in the pseudo-random number generator used by Mbed TLS and TF-PSA-Crypto. An attacker who can predict the seed can reproduce the PRNG output, and with it any cryptographic material derived from that output, such as keys, nonces, or session tokens. The weakness is classified as CWE-338 (Use of Cryptographically Weak PRNG) and can result in loss of confidentiality and integrity for any encryption or authentication that relies on the affected randomness source.

Affected Systems

Embedded systems and applications that incorporate Arm's Mbed TLS library before version 3.6.6, or a 4.x release before 4.1.0, and TF-PSA-Crypto before 1.1.0 are affected. These libraries are widely used in IoT firmware, secure boot solutions, and TrustZone APIs on Arm processors.

Risk and Exploitability

The CVSS score of 6.7 places this issue in the Medium severity band. The EPSS score is below 1%, indicating a low probability of exploitation, and the issue is not listed in the CISA KEV catalog. Because the flaw is confined to the PRNG seed, exploitation requires an attacker who can influence or observe the seeding process, which generally means code running alongside the affected library on the device (locally, or reached remotely); the CVSS vector (AV:L/AC:H) rates this as local access with high attack complexity. The potential for cryptographic compromise nevertheless makes this a critical concern for systems that treat PRNG output as fully random.

Generated by OpenCVE AI on April 6, 2026 at 17:43 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mbed TLS to 3.6.6 or later, or to 4.1.0 or later on the 4.x series, and upgrade TF-PSA-Crypto to 1.1.0 or later.
  • Verify that the library version installed on all devices matches the patched release.
  • Continue monitoring vendor advisories and validate the random number generation used by firmware.

Generated by OpenCVE AI on April 6, 2026 at 17:43 UTC.
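The second recommended action, verifying that every device carries a patched release, is easy to get wrong by hand across many firmware trees. The script below is an added example for that check; it is not OpenCVE's or the Mbed TLS project's code. It encodes the affected ranges exactly as this CVE's description states them (before 3.6.6, 4.x before 4.1.0, TF-PSA-Crypto before 1.1.0), reads the release string from the MBEDTLS_VERSION_STRING macro that Mbed TLS source trees define in include/mbedtls/build_info.h (3.x) or include/mbedtls/version.h (2.x), and compares it against those ranges. The header excerpt embedded at the bottom is constructed for the demonstration; the TF-PSA-Crypto version is passed in as a plain string because this example makes no assumption about where that project defines it.

```python
import re
from typing import Optional

# Affected ranges, taken from this CVE's description:
#   Mbed TLS before 3.6.6, Mbed TLS 4.x before 4.1.0, TF-PSA-Crypto before 1.1.0.
# "before 3.6.6" is applied literally, so 2.x releases are reported as affected too.
FIXED_MBEDTLS_3 = (3, 6, 6)
FIXED_MBEDTLS_4 = (4, 1, 0)
FIXED_TF_PSA_CRYPTO = (1, 1, 0)

# Macro carrying the release string in Mbed TLS source trees
# (include/mbedtls/build_info.h in 3.x, include/mbedtls/version.h in 2.x).
VERSION_MACRO_RE = re.compile(r'#\s*define\s+MBEDTLS_VERSION_STRING\s+"([^"]+)"')


def parse_version(text: str) -> tuple:
    """Turn 'MAJOR.MINOR.PATCH' into a comparable tuple; reject anything else."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(product: str, version: str) -> bool:
    """True if the given release falls inside the vulnerable ranges of this CVE."""
    v = parse_version(version)
    if product == "mbedtls":
        if v[0] <= 3:
            return v < FIXED_MBEDTLS_3
        if v[0] == 4:
            return v < FIXED_MBEDTLS_4
        return False  # later major series are outside the stated ranges
    if product == "tf-psa-crypto":
        return v < FIXED_TF_PSA_CRYPTO
    raise ValueError(f"unknown product: {product!r}")


def version_from_mbedtls_header(header_text: str) -> Optional[str]:
    """Extract MBEDTLS_VERSION_STRING from build_info.h / version.h contents."""
    m = VERSION_MACRO_RE.search(header_text)
    return m.group(1) if m else None


def audit_mbedtls_tree(header_text: str) -> dict:
    """Report the Mbed TLS release found in a source tree and whether it needs patching."""
    version = version_from_mbedtls_header(header_text)
    if version is None:
        return {"product": "mbedtls", "version": None, "affected": None,
                "action": "MBEDTLS_VERSION_STRING not found; check the header path"}
    affected = is_affected("mbedtls", version)
    return {"product": "mbedtls", "version": version, "affected": affected,
            "action": "upgrade to 3.6.6 / 4.1.0 or later" if affected else "patched release"}


# Constructed excerpt in the shape of include/mbedtls/build_info.h, not copied from any release.
SAMPLE_BUILD_INFO = """
#define MBEDTLS_VERSION_MAJOR  3
#define MBEDTLS_VERSION_MINOR  6
#define MBEDTLS_VERSION_PATCH  5
#define MBEDTLS_VERSION_STRING "3.6.5"
"""

if __name__ == "__main__":
    print(audit_mbedtls_tree(SAMPLE_BUILD_INFO))
    for product, version in [("mbedtls", "2.28.9"), ("mbedtls", "4.0.0"),
                             ("mbedtls", "4.1.0"), ("tf-psa-crypto", "1.0.0")]:
        print(product, version, "affected" if is_affected(product, version) else "fixed")
```

To run it against a real tree, read include/mbedtls/build_info.h (or version.h on 2.x) and pass its contents to audit_mbedtls_tree; for a binary without sources, the release string the library reports at runtime can be fed to is_affected instead. Note that a 4.x Mbed TLS build takes its cryptography from TF-PSA-Crypto, so both products should be checked on such devices.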


Advisories

Source: Debian DLA
ID: DLA-4551-1
Title: mbedtls security update
History

Tue, 07 Apr 2026 08:00:00 +0000

Type: Title
Values Added: Predictable Random Number Generator Seed in Mbed TLS Enables Cryptographic Compromise

Mon, 06 Apr 2026 15:30:00 +0000

Type: First Time appeared
Values Added: Arm; Arm mbed Tls; Arm tf-psa-crypto

Type: CPEs
Values Added: cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*; cpe:2.3:a:arm:tf-psa-crypto:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Arm; Arm mbed Tls; Arm tf-psa-crypto

Fri, 03 Apr 2026 10:15:00 +0000

Type: First Time appeared
Values Added: Mbed-tls; Mbed-tls mbedtls; Mbed-tls tf-psa-crypto

Type: Vendors & Products
Values Added: Mbed-tls; Mbed-tls mbedtls; Mbed-tls tf-psa-crypto

Thu, 02 Apr 2026 20:30:00 +0000

Type: Title
Values Added: Predictable Random Number Generator Seed in Mbed TLS Enables Cryptographic Compromise

Wed, 01 Apr 2026 23:45:00 +0000

Type: Description
Values Added: An issue was discovered in Mbed TLS before 3.6.6 and 4.x before 4.1.0 and TF-PSA-Crypto before 1.1.0. There is a Predictable Seed in a Pseudo-Random Number Generator (PRNG).

Type: Weaknesses
Values Added: CWE-338

Type: References

Type: Metrics
Values Added:
cvssV3_1: {'score': 6.7, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-01T20:04:34.444Z

Reserved: 2026-03-31T00:00:00.000Z

Link: CVE-2026-34871

Vulnrichment

Updated: 2026-04-01T20:01:38.168Z

NVD

Status: Analyzed

Published: 2026-04-01T19:16:33.267

Modified: 2026-04-06T14:30:17.607

Link: CVE-2026-34871

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T08:07:42Z

Weaknesses