Description
An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.
Published: 2026-04-01
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Client impersonation and authentication bypass
Action: Patch promptly
AI Analysis

Impact

In Mbed TLS libraries version 3.5.0 through 4.0.0, the logic that manages TLS 1.3 session resumption fails to correctly verify the client’s identity when the session is resumed. This flaw allows an attacker to forge a client identity and obtain the privileges of a legitimate client, effectively bypassing authentication controls and potentially gaining unauthorized access to services that rely on TLS 1.3 and client certificates.

Affected Systems

The vulnerability affects the Mbed TLS cryptographic library, which is widely deployed in embedded and IoT devices. All builds that include the affected versions (3.5.0 up to 4.0.0) are impacted; no specific vendor or product variants are named beyond the library itself.

Risk and Exploitability

The flaw carries a CVSS score of 9.1 and an EPSS probability of less than 1 percent, indicating high severity but low current exploitation likelihood. It is not recorded in the CISA KEV catalog. An attacker would need the ability to initiate a TLS 1.3 handshake from a client that has previously established a session and then reuse the session resumption context, potentially on a network they control. The exploitation requires control over the client and the ability to influence the TLS handshake, but remains a significant risk for any server that uses Mbed TLS for client authentication.

Generated by OpenCVE AI on April 7, 2026 at 20:03 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Mbed TLS to a version later than 4.0.0 to apply the fix.
  • Verify the integrity of all client certificates and enforce strict session‑resumption policies.
  • Monitor authentication logs for abnormal login attempts and consider network‑level filtering of TLS handshake traffic as a precautionary measure.

Generated by OpenCVE AI on April 7, 2026 at 20:03 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Arm
Arm mbed Tls
CPEs cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
Vendors & Products Arm
Arm mbed Tls

Fri, 03 Apr 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Mbed-tls
Mbed-tls mbedtls
Vendors & Products Mbed-tls
Mbed-tls mbedtls

Thu, 02 Apr 2026 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-287
Metrics cvssV3_1

{'score': 10.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N'}

 cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

Thu, 02 Apr 2026 12:15:00 +0000

Type Values Removed Values Added
Title mbedtls: Mbed TLS: Client impersonation during TLS 1.3 session resumption
Weaknesses CWE-290
References
Metrics threat_severity

None

 cvssV3_1

{'score': 10.0, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N'}

threat_severity

Critical

Wed, 01 Apr 2026 23:45:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session.
References

Subscriptions

Arm Mbed Tls
Mbed-tls Mbedtls
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-02T16:24:46.024Z

Reserved: 2026-03-31T00:00:00.000Z

Link: CVE-2026-34873

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2026-04-01T21:17:01.990

Modified: 2026-04-07T12:13:36.527

Link: CVE-2026-34873

cve-icon Redhat

Severity : Critical

Publid Date: 2026-04-01T00:00:00Z

Links: CVE-2026-34873 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-08T19:59:56Z

Weaknesses